CVE-2022-20968

2022-12-0816:13:11

cisco

www.cve.org

cisco

ip phone

vulnerability

discovery protocol

stack overflow

remote code execution

denial of service

CVSS3

8.1

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

EPSS

0.001

Percentile

39.5%

JSON

A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.

This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.

CNA Affected

[
  {
    "vendor": "Cisco",
    "product": "Cisco Session Initiation Protocol (SIP) Software",
    "versions": [
      {
        "version": "9.3(4) 3rd Party",
        "status": "affected"
      },
      {
        "version": "9.3(4)SR3 3rd Party",
        "status": "affected"
      },
      {
        "version": "9.3(4)SR1 3rd Party",
        "status": "affected"
      },
      {
        "version": "9.3(4)SR2 3rd Party",
        "status": "affected"
      },
      {
        "version": "11.5(1)",
        "status": "affected"
      },
      {
        "version": "11.7(1)",
        "status": "affected"
      },
      {
        "version": "11.0(0.7) MPP",
        "status": "affected"
      },
      {
        "version": "11.0(1) MPP",
        "status": "affected"
      },
      {
        "version": "11.0(1)",
        "status": "affected"
      },
      {
        "version": "11.5(1)SR1",
        "status": "affected"
      },
      {
        "version": "11-0-1MSR1-1",
        "status": "affected"
      },
      {
        "version": "10.4(1) 3rd Party",
        "status": "affected"
      },
      {
        "version": "10.3(1.11) 3rd Party",
        "status": "affected"
      },
      {
        "version": "10.2(2)",
        "status": "affected"
      },
      {
        "version": "10.2(1)SR1",
        "status": "affected"
      },
      {
        "version": "10.1(1.9)",
        "status": "affected"
      },
      {
        "version": "10.1(1)SR2",
        "status": "affected"
      },
      {
        "version": "10.2(1)",
        "status": "affected"
      },
      {
        "version": "10.1(1)SR1",
        "status": "affected"
      },
      {
        "version": "10.4(1)SR2 3rd Party",
        "status": "affected"
      },
      {
        "version": "10.3(1)",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR4b",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR5",
        "status": "affected"
      },
      {
        "version": "10.3(1.9) 3rd Party",
        "status": "affected"
      },
      {
        "version": "10.3(2)",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR4",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR2",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR3",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR1",
        "status": "affected"
      },
      {
        "version": "12.6(1)",
        "status": "affected"
      },
      {
        "version": "12.1(1)",
        "status": "affected"
      },
      {
        "version": "12.5(1)SR1",
        "status": "affected"
      },
      {
        "version": "12.5(1)SR2",
        "status": "affected"
      },
      {
        "version": "12.5(1)",
        "status": "affected"
      },
      {
        "version": "12.5(1)SR3",
        "status": "affected"
      },
      {
        "version": "12.6(1)SR1",
        "status": "affected"
      },
      {
        "version": "12.7(1)",
        "status": "affected"
      },
      {
        "version": "12.1(1)SR1",
        "status": "affected"
      },
      {
        "version": "12.0(1)",
        "status": "affected"
      },
      {
        "version": "12.0(1)SR2",
        "status": "affected"
      },
      {
        "version": "12.0(1)SR1",
        "status": "affected"
      },
      {
        "version": "12.0(1)SR3",
        "status": "affected"
      },
      {
        "version": "12.8(1)",
        "status": "affected"
      },
      {
        "version": "12.8(1)SR1",
        "status": "affected"
      },
      {
        "version": "12.8(1)SR2",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR6",
        "status": "affected"
      },
      {
        "version": "10.3(1)SR7",
        "status": "affected"
      },
      {
        "version": "12.7(1)SR1",
        "status": "affected"
      },
      {
        "version": "14.0(1)SR1",
        "status": "affected"
      },
      {
        "version": "14.0(1)",
        "status": "affected"
      },
      {
        "version": "14.0(1)SR2",
        "status": "affected"
      },
      {
        "version": "14.0(1)SR3",
        "status": "affected"
      },
      {
        "version": "14.1(1)",
        "status": "affected"
      },
      {
        "version": "14.1(1)SR1",
        "status": "affected"
      }
    ]
  }
]