The Portable Software Developer Kit (SDK) for Universal Plug-n-Play (UPnP) Devices contains the libupnp library, originally known as the Intel SDK for UPnP Devices, which is vulnerable to multiple stack-based buffer overflows when handling malicious Simple Service Discovery Protocol (SSDP) requests. This library is used in several vendor network devices, as well as in media streaming and file sharing applications. These vulnerabilities were disclosed on January 29th, 2013 in CERT Vulnerability Note VU#922681, which can be viewed at http://www.kb.cert.org/vuls/id/922681.
Cisco is currently evaluating products for possible exposure to these vulnerabilities.
This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnp
Product | Bug ID |
Cisco AP541N Wireless Access Point | CSCue19294 |
Cisco NSS300 Series Smart Storage** | CSCue19395 |
Cisco PVC2300 Business Internet Video Camera** | CSCue21009 |
Cisco RV0XX Series Routers** | CSCue20980 |
Cisco RV220W Wireless Network Security Firewall | CSCue20983 |
Cisco RV120W Wireless-N VPN Firewall | CSCue20983 |
Cisco RVL200 VPN Router** | CSCue20989 |
Cisco RVS4000 Gigabit Security Router** | CSCue20997 |
Cisco Small Business ISA500 Series Integrated Security Appliances | CSCue19341 |
Cisco Small Business SA500 Series Security Appliances | CSCue21031 |
Cisco TelePresence C Series Endpoints | CSCue19318 |
Cisco TelePresence System EX Series | CSCue19318 |
Cisco TelePresence SX20 | CSCue19318 |
Cisco WAP4400N Wireless-N Access Point | CSCue21567 |
Cisco WET200 Wireless-G Business Ethernet Bridge | CSCue21572 |
Cisco WRVS4400N Wireless-N Gigabit Security Router** | CSCue21578 |
Cisco WRV200 Wireless-G VPN Router** | CSCue21578 |
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
Revision 1.2 | 2013-February-13 | Added Confirmed Products to Affected list and added EOS/EOL notice for RV Series Routers. |
Revision 1.1 | 2013-January-30 | Added a link to the Cisco Applied Mitigation Bulletin. |
Revision 1.0 | 2013-January-29 | Initial public release. |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. CISCO EXPECTS TO UPDATE THIS DOCUMENT AS NEW INFORMATION BECOMES AVAILABLE.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.