A vulnerability in Cisco Unified IP Phone 9951, Cisco Unified IP Phone 9971, and Cisco Unified IP Phone 8961 could allow an authenticated, local malicious user to fully compromise the affected device. The vulnerability is due to insecure file permissions on memory block devices. An attacker could exploit this vulnerability by mounting a malicious filesystem that contains an attacker-controlled SUID binary. An exploit could allow the malicious user to take complete control of the affected device. Cisco would like to thank Red Balloon Security for reporting this vulnerability. Cisco has confirmed the vulnerability in a security notice and released software updates. To exploit this vulnerability, an attacker must have local access to the targeted device. This access requirement decreases the likelihood of a successful exploit. Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco unified_ip_phone_firmware - |
||
cisco unified_ip_phone_8961 |
||
cisco unified_ip_phone_9971 |
||
cisco unified_ip_phone_9951 |
Vulmon