6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.003 Low
EPSS
Percentile
71.6%
A vulnerability in the firmware of the Cisco Small Business SPA 300 and 500 series IP phones could allow an unauthenticated, remote attacker to listen to the audio stream of an IP phone.
The vulnerability is due to improper authentication settings in the default configuration. An attacker could exploit this vulnerability by sending a crafted XML request to the affected device. An exploit could allow the attacker to listen to a remote audio stream or make phone calls remotely.
Cisco has confirmed the vulnerability; however, software updates are not available.
To exploit this vulnerability, an attacker may need access to trusted, internal networks behind a firewall to send crafted XML requests to the targeted device. This access requirement may reduce the likelihood of a successful exploit.
Cisco would like to thank Chris Watts of Tech Analysis for reporting this vulnerability.
Cisco plans to release new software that addresses this vulnerability by April 10, 2015.
CPE | Name | Operator | Version |
---|---|---|---|
cisco small business spa500 series ip phones | eq | any | |
cisco small business spa500 series ip phones | eq | any |