Security Experts:

Connect with us

Hi, what are you looking for?



Cisco Patches Critical Vulnerability in IP Phones

Cisco has released patches for a critical remote code execution vulnerability in certain IP phones.

Cisco this week announced software updates that address a critical vulnerability in the web-based management interface of its 6800, 7800, and 8800 series IP phones.

Tracked as CVE-2023-20078 (CVSS score of 9.8), the issue can be exploited by an unauthenticated, remote attacker to execute code with root privileges.

The security defect, Cisco explains in its advisory, exists because user input is not sufficiently validated.

“An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device,” the tech giant explains.

Vulnerable products include IP Phone 6800, 7800, and 8800 series devices, with multiplatform firmware. The flaw was addressed with the release of firmware version 11.3.7SR1.

The firmware update also addresses CVE-2023-20079 (CVSS score of 7.5), another insufficient validation of user-provided input bug, which could be exploited to cause a denial-of-service (DoS) condition.

In addition to the aforementioned devices, the vulnerability also impacts Cisco’s unified IP conference phone 8831, unified IP conference phone 8831 with multiplatform firmware, and unified IP phone 7900 series devices, which have reached end-of-life (EoL) status and will not receive patches.

Cisco says it is not aware of any of these vulnerabilities being exploited in malicious attacks.

This week, the tech giant also released software updates that resolve medium-severity vulnerabilities in Webex App for Web, Finesse, and Prime Infrastructure and Evolved Programmable Network (EPN) Manager.

The company also announced that it was working on patches for two medium-severity issues impacting Unified Intelligence Center. Version 12.6(2) of Unified Intelligence Center, expected to arrive in March, will address both flaws.

Additional information can be found on Cisco’s product security page.

Related: Cisco Patches High-Severity Vulnerabilities in ACI Components

Related: Critical Vulnerability Patched in Cisco Security Products

Related: Flaw in Cisco Industrial Appliances Allows Malicious Code to Persist Across Reboots

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.