Cisco: CISCO-SA-20120810-CVE-2012-2490
Aug 10, 2012 - 9:56 p.m.

Cisco IP Communicator Certificate Trust List Man-in-the-Middle Attack Vulnerability

2012-08-10 21:56:35
tools.cisco.com
16

CVSS2: 5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS: 0.001
Percentile: 31.1%

Cisco IP Communicator contains a vulnerability that could allow an unauthenticated, remote attacker to conduct man-in-the-middle attacks on a targeted system.

The vulnerability is due to insufficient validation of signing certificates in the Certificate Trust List that have been accepted by end users. An unauthenticated, remote attacker could exploit this vulnerability by impersonating trusted servers through crafted certificates. If successful, the attacker could launch further attacks on the system.

Cisco has confirmed this vulnerability and released software updates.

To successfully exploit this vulnerability, Cisco IP Communicator must be restarted. An attacker may use misleading language or instructions to convince a user to restart the device, or may use other means or attacks in an attempt to restart the device.

The CVSS score indicates that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Node: cisco ip_communicator, match any
OR
Node: cisco ip_communicator, match any

Vendor: cisco
Product: ip_communicator
Version: any
CPE: cpe:2.3:a:cisco:ip_communicator:any:*:*:*:*:*:*:*
