Cisco is warning of a number of crucial distant code execution zero-days within the web-based administration interface of the end-of-life Small Enterprise SPA 300 and SPA 500 collection IP telephones.
The seller has not made fixes out there for these gadgets and shared no mitigation ideas, so customers of these merchandise must transfer to newer and actively supported fashions as quickly as attainable.
Vulnerability particulars
Cisco has disclosed 5 flaws, three rated crucial (CVSS v3.1 rating: 9.8) and two categorized as high-severity (CVSS v3.1 rating: 7.5).
The crucial vulnerabilities are tracked as CVE-2024-20450, CVE-2024-20452, and CVE-2024-20454.
These buffer overflow vulnerabilities enable an unauthenticated, distant attacker to execute arbitrary instructions on the underlying OS with root privileges by sending a specifically crafted HTTP request to the goal system.
“A profitable exploit may enable the attacker to overflow an inner buffer and execute arbitrary instructions on the root privilege degree,” warns Cisco within the bulletin.
The 2 high-severity flaws are CVE-2024-20451 and CVE-2024-20453. They’re brought on by insufficient checks on HTTP packets, which permit malicious packets to trigger a denial of service on the affected system.
Cisco notes that each one 5 flaws affect all software program releases that run on SPA 300 and SPA 500 IP telephones no matter their configuration and are impartial of each other, which means that they are often exploited individually.
Finish of assist
In keeping with Cisco’s assist portal, SPA 300 was final offered to clients in February 2019 and reached its finish of assist three years later, in February 2022.
For SPA 500, the seller stopped promoting the {hardware} on the identical date it reached its finish of assist, on June 1, 2020.
It needs to be famous that Cisco remains to be protecting SPA 500 till Could 31, 2025 for holders of service contracts or particular guarantee phrases, however SPA 300 is not lined since February 29, 2024.
Neither will get a security replace, so customers are suggested to transition to newer, supported fashions, just like the Cisco IP Telephone 8841 or a mannequin from the Cisco 6800 collection.
Cisco additionally provides a Know-how Migration Program (TMP), which permits clients to commerce in eligible merchandise and obtain credit score towards new tools.
These uncertain about their choices are suggested to contact Cisco’s Technical Help Middle (TAC).
