{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2023-026.pdf"
    },
    "title": "Critical Vulnerability in a Cisco Product",
    "serial_number": "2023-026",
    "publish_date": "05-05-2023 12:39:00",
    "description": "On May 3, 2023, Cisco released an advisory to address a critical vulnerability in the web-based management system of the Cisco SPA112 2-Port Phone Adapters. The vulnerability is tracked as \"CVE-2023-20126\" and has a CVSS score of 9.8.<br>\n",
    "url_title": "2023-026",
    "content_markdown": "--- \ntitle: 'Critical Vulnerability in\u00a0a Cisco Product' \nversion: '1.0'\nnumber: '2023-026'\noriginal_date: 'May 3, 2023'\ndate: 'May 5, 2023'\n---\n\n_History:_\n\n* _05/05/2023 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn May 3, 2023, Cisco released an advisory to address a critical vulnerability in the web-based management system of the Cisco SPA112 2-Port Phone Adapters. The vulnerability is tracked as `CVE-2023-20126` and has a CVSS score of 9.8 [1].\n\n# Technical Details\n\nA vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges [1].\n\nThere are currently no reports of active exploitation of this vulnerability [2].\n\n# Affected Products\n\nThis vulnerability affects all firmware releases for Cisco SPA112 2-Port Phone Adapters [1].\n\nMoreover, Cisco has not released and will not release firmware updates to address the vulnerability, because Cisco SPA112 2-Port Phone Adapters have entered the end-of-life process and are no longer supported [1].\n\n# Recommendations\n\nCERT-EU encourages constituents to discontinue using the product and to verify whether any other similar products -- possibly also no longer supported -- are in use.\n\n# Workarounds\n\nThere are no workarounds that address this vulnerability.\n\n# References\n\n[1] <https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW>\n\n[2] <https://www.bleepingcomputer.com/news/security/cisco-phone-adapters-vulnerable-to-rce-attacks-no-fix-available/>",
    "content_html": "<p><em>History:</em></p><ul><li><em>05/05/2023 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On May 3, 2023, Cisco released an advisory to address a critical vulnerability in the web-based management system of the Cisco SPA112 2-Port Phone Adapters. The vulnerability is tracked as <code>CVE-2023-20126</code> and has a CVSS score of 9.8 [1].</p><h2 id=\"technical-details\">Technical Details</h2><p>A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges [1].</p><p>There are currently no reports of active exploitation of this vulnerability [2].</p><h2 id=\"affected-products\">Affected Products</h2><p>This vulnerability affects all firmware releases for Cisco SPA112 2-Port Phone Adapters [1].</p><p>Moreover, Cisco has not released and will not release firmware updates to address the vulnerability, because Cisco SPA112 2-Port Phone Adapters have entered the end-of-life process and are no longer supported [1].</p><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU encourages constituents to discontinue using the product and to verify whether any other similar products -- possibly also no longer supported -- are in use.</p><h2 id=\"workarounds\">Workarounds</h2><p>There are no workarounds that address this vulnerability.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW\">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-spa-unauth-upgrade-UqhyTWW</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.bleepingcomputer.com/news/security/cisco-phone-adapters-vulnerable-to-rce-attacks-no-fix-available/\">https://www.bleepingcomputer.com/news/security/cisco-phone-adapters-vulnerable-to-rce-attacks-no-fix-available/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}