Endpoint/Device Security

Cisco warns critical RCE bug in end-of-life IP phone adapters won’t get patched


Cisco Systems is warning a critical flaw impacting its IP phone ports allow unauthenticated attackers to execute code remotely on targeted devices and gain full admin privileges. It is urging customers still using the impacted model, SPA 112 2-Port Phone Adapters, to upgrade to its Cisco ATA 190 Series Analog Telephone Adapter to mitigate the flaw.

"Cisco has not released and will not release firmware updates to address the vulnerability that is described in this advisory," the company wrote in a security bulletin on Wednesday.

The vulnerable IP phone adapter is part of its small business line of IP phones. The bug has a Common Vulnerability Scoring System rating of 9.8 out of 10. Tracked as CVE-2023-20126, the bug is due to a missing authentication process within the firmware upgrade function, Cisco reported on Wednesday. Successful exploit could give an attacker full privileges on an affected device.

"An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges," according to the NIST description of the bug.

Cisco it was retiring the SPA 112 2-Port Phone Adapters December 2019 and said end-of-life security support for the product would be June 2020. It's unclear how many impacted models might still be in use today.

The company said it was not aware of the vulnerability being exploited in the wild. The company credited "CataLpa" of DBappSecurity Co., Ltd Hatlab for

Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.