Cisco's warning about the possibility of IP contamination of mobile phones

Summary: Cisco has published a new security advisory about a critical flaw affecting the IP Phone 7800 and 8800 series firmware that could lead to remote code execution or a denial of service (DoS) condition. Networking equipment specialist Cisco said it is working on a patch to address the vulnerability, which is identified as CVE-2022-20968 (CVSS score: 8.1). This vulnerability is caused by an ingress invalidation event in Cisco Discovery Protocol (CDP) packets received. CDP is a proprietary network-independent protocol that is used to collect information about nearby connected devices such as hardware, software, and device name, etc. Enabled by default. "An attacker could exploit this vulnerability by sending Cisco Discovery Protocol traffic to an affected device," the company said in an alert published on December 8, 2022. "A successful exploit could allow an attacker to cause a stack overflow that could lead to remote code execution or a denial of service (DoS) condition on the affected device." Cisco IP Phones running OS version 14.2 and earlier are affected by this vulnerability. A patch is scheduled for release in January 2023, and the company says there are no updates or fixes to fix the problem. However, in deployments that support both LLDP or Link Layer Discovery Protocol and CDP for neighbor discovery, users can disable CDP to allow affected devices to advertise their identities and capabilities to LLDP to communicate directly with neighbors on a network. Change location. "This change is not trivial and requires effort on the part of the company to evaluate any potential impact on devices, as well as the best approach to deploying this change in their company," the company says. It also warned that it was aware of the availability of a proof-of-concept (PoC) exploit and that the flaw had been publicly disclosed. There is no evidence that this vulnerability has been actively exploited to date. Qian Chen of the Codesafe Legendsec team at Qi'anxin Group is responsible for discovering and reporting this vulnerability.