Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability

On March 20th, Cisco released a security update for their line of 7800 and 8800 Series Cisco phones.

The vulnerability is in the web-based management interface of Session Initiation Protocol (SIP) Software. This vulnerability could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code.

According to Cisco, the vulnerability exists because the software improperly validates user-supplied input during user authentication. An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials. A successful exploit could allow the attacker to trigger a reload of an affected device, resulting in a DoS condition, or executing arbitrary code with the privileges of the app user.

Cisco has released free software updates that address the vulnerability. Customers may only install and expect support for software versions and feature sets for which they have purchased a license.

Customers who purchased directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC 

For current Stack8 clients, our team is working hard analyzing your environment to create a CR to apply the fix promptly if needed.

If you have any questions, do not hesitate to contact your Stack8 UC specialist. If you would like to know more on how Stack8 can help your enterprise to be proactive on those alerts, please reach out to us.