Published: 23/09/2020 Updated: 08/10/2020

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 6.6 | Impact Score: 5.9 | Exploitability Score: 0.7

VMScore: 409

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Spa500 Series Ip Phones Firmware

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate malicious user to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by accessing the physical interface of a device and inserting a USB storage device. A successful exploit could allow the malicious user to execute scripts on the device in an elevated security context.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco spa500_series_ip_phones_firmware

A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device The vulnerability is due to the presence of development testing and verification scripts that remained on the device An attacker could exploit this vulnerability by accessing the physical interfac ...

CWE-20 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-spa500-script https://nvd.nist.gov https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-spa500-script

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-15959

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect