Security Experts:

Connect with us

Hi, what are you looking for?



Cisco Patches Critical Flaws in IP Phones, UCS Director

Cisco this week released security patches to address numerous vulnerabilities across its products, including critical severity flaws that impact IP Phones and UCS Director.

Cisco this week released security patches to address numerous vulnerabilities across its products, including critical severity flaws that impact IP Phones and UCS Director.

The critical vulnerability patched in IP Phones impacts the web server and could allow a remote, unauthenticated attacker to execute code with root privileges. The bug has a CVSS score of 9.8.

Tracked as CVE-2020-3161, the issue exists because input in HTTP requests is not properly validated. Thus, an attacker could exploit the flaw by sending a crafted HTTP request to the web server of a vulnerable device.

“In, the parameters after /deviceconfig/setActivationCode are used to create a new URI via a sprintf function call. The length of the parameter string is not checked. When an attacker provides a long parameter string then sprintf overflows the provided stack-based buffer,” Tenable, which reported the bug to Cisco, explains.

IP Phone 7811, 7821, 7841, and 7861 Desktop Phones; IP Phone 8811, 8841, 8845, 8851, 8861, and 8865 Desktop Phones; Unified IP Conference Phone 8831; and Wireless IP Phone 8821 and 8821-EX were found to be affected.

Software updates that Cisco released this week address the vulnerability. The company says that, while it is aware of the flaw being publicly disclosed (Tenable has published a DoS proof-of-concept), it is not aware of the bug being targeted in attacks.

A total of three critical vulnerabilities were addressed in Cisco UCS Director and UCS Director Express for Big Data, all three discovered in the REST API. The bugs may allow a remote, unauthenticated attacker to bypass authentication or conduct directory traversal attacks.

The flaws are tracked as CVE-2020-3239, CVE-2020-3240, and CVE-2020-3243, and exist due to insufficient access control validation and improper input validation. All three issues were addressed in UCS Director and UCS Director Express for Big Data

This week, Cisco also released patches for seven high severity vulnerabilities impacting Wireless LAN Controller (WLC) Software, Webex Network Recording Player and Webex Player, Mobility Express Software, IoT Field Network Director, Unified Communications Manager (UCM) and UCM Session Management Edition (SME), and Aironet Series Access Points Software.

Six of the bugs could be exploited by unauthenticated, remote attackers to cause denial of service (DoS), conduct a cross-site request forgery (CSRF) attack, or to conduct directory traversal attacks. The bug in Webex Player could lead to remote code execution.

Cisco has released free software updates to address all of these vulnerabilities and says it is not aware of any public announcements or malicious use of these bugs. Details on each vulnerability are available on Cisco’s support website.

Related: Cisco Unveils SecureX Security Platform

Related: Cisco Patches DoS, Information Disclosure Flaws in Small Business Switches

Related: Cisco Patches Critical Vulnerability in Network Security Tool

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.


Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.