Cisco CISCO-SA-20151209-IPP
History: Dec 09, 2015 - 12:00 a.m.

Multiple Cisco IP Phones Firmware Image Upload Vulnerability

2015-12-09 00:00:00
tools.cisco.com

CVSS2: 7.2
Attack Vector: LOCAL
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0
Percentile: 5.1%

A vulnerability in the TFTP implementation of the Cisco Small Business SPA30X and SPA50X IP Phones could allow an unauthenticated, local attacker to load arbitrary firmware images onto the affected device.

The vulnerability is due to insufficient file integrity checks of the firmware image. An attacker could exploit this vulnerability by gaining access to the local shell of the device and loading an arbitrary firmware image onto the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ipp

Affected configurations

Vulners
Node: cisco spa500_series_ip_phones_firmware (match any) OR cisco dx_series_ip_phones_firmware (match any)

Vendor | Product | Version | CPE
cisco | spa500_series_ip_phones_firmware | any | cpe:2.3:o:cisco:spa500_series_ip_phones_firmware:any:*:*:*:*:*:*:*
cisco | dx_series_ip_phones_firmware | any | cpe:2.3:o:cisco:dx_series_ip_phones_firmware:any:*:*:*:*:*:*:*
