CVE-2020-3111
published 2020-02-05CVE-2020-3111: A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute…
high8.8CVSS 3.1
AVAACLPRNUINSUCHIHAH
A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_ip_phone | >= unspecified < 12.7(1) | 12.7(1) |
| cisco | ip_conference_phone_7832_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_conference_phone_7832_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_conference_phone_8832_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_conference_phone_8832_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone | — | — |
| cisco | ip_phone_6821_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_6841_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_6851_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_6861_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_6871_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_7811_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_7811_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_7821_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_7821_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_7841_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_7841_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_7861_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_7861_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_8811_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_8811_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_8841_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_8841_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |
| cisco | ip_phone_8845_firmware | < 12.7\(1\) | 12.7\(1\) |
| cisco | ip_phone_8845_with_multiplatform_firmware | < 11.3\(1\)sr1 | 11.3\(1\)sr1 |