The vulnerability of Microprogramming Software in Cisco SIP IP Phones like Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series arises from insufficient protection for operational data, allowing unauthorized access to protected information by attackers.

🗓️ 30 Apr 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Weak protection of operational data in Cisco SIP phones and 8875/9800 series enables SSH access.

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2025-20158	19 Feb 202520:25	–	circl
Cisco	Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability	19 Feb 202516:00	–	cisco
Tenable Nessus	Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure (cisco-sa-phone-info-disc-YyxsWStK)	21 Feb 202500:00	–	nessus
CNNVD	Cisco Video Phone和Cisco Desk Phone 信息泄露漏洞	19 Feb 202500:00	–	cnnvd
CVE	CVE-2025-20158	19 Feb 202516:06	–	cve
Cvelist	CVE-2025-20158 Cisco Video Phone 8875 and Desk Phone 9800 Series Information Disclosure Vulnerability	19 Feb 202516:06	–	cvelist
EUVD	EUVD-2025-4670	3 Oct 202520:07	–	euvd
NVD	CVE-2025-20158	19 Feb 202516:15	–	nvd
OSV	CVE-2025-20158	19 Feb 202516:15	–	osv
Positive Technologies	PT-2025-7536 · Cisco · Cisco Desk Phone 9800 Series +1	19 Feb 202500:00	–	ptsecurity

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-info-disc-YyxsWStK
web	www.web.nvd.nist.gov/view/vuln/detail

30 Apr 2025 00:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS 34.4

CVSS 24.6

EPSS0.00146

Cisco SIP phones Video Phone 8875 Desk Phone 9800 operational data protection unauthorized access Secure Shell