Top Cisco phone adapter hit by serious security flaw

No fix is available yet, Cisco says.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A high-severity vulnerability has been discovered in a widely-used Cisco phone adapter that could allow threat actors to execute arbitrary code on the target endpoints, the company has confirmed.

Users are advised to move to a different device, given that the vulnerable ones reached end-of-life and are no longer receiving upgrades and fixes.

Cisco said that its SPA112 2-Port Phone Adapter lacks proper authentication processes in its firmware upgrade function. As a result, victims could end up installing amaliciousfirmware update, and, “a successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges.”

Local access only

The flaw is tracked as CVE-2023-20126, and has a severity score of 9.8 - critical.

The publication claims the adapters are “popular” among organizations looking to use analog phones on their VoIP networks without needing to upgrade. The silver lining in the flaw is that the adapters are not usually connected to the public internet, meaning threat actors would need to first access the local network in order to be able to exploit the flaw.

However, the vulnerability could be used to move laterally through the target network more easily, the publication adds, as security software usually doesn’t monitor tools such as this one.

Cisco says it’s spotted more security flaws in its SMB routers>Cisco says its server management tool has a serious security flaw>Check out the best firewalls right now

Given that the SPA112 reached end-of-life status and isn’t receiving updates, Cisco said it wouldn’t be addressing the vulnerability with a fix. Instead, it has told its customers to replace it with the ATA 190 Series Analog Telephone Adapter, a device that will be supported until March 31, 2024.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Cisco said that there is no evidence the flaw is currently being abused in the wild, but now that the information is out there, incursions are bound to happen. Outdated software and hardware are one of the most common ways hackers access target networks.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

New fanless cooling technology enhances energy efficiency for AI workloads by achieving a 90% reduction in cooling power consumption