The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate malicious user to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products prior to 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco ip phone 8800 firmware |
||
cisco ip phone 8800 series with multiplatform firmware |
||
cisco ip phone 8811 firmware |
||
cisco ip phone 8811 with multiplatform firmware |
||
cisco ip phone 8841 firmware |
||
cisco ip phone 8841 with multiplatform firmware |
||
cisco ip phone 8845 firmware |
||
cisco ip phone 8845 with multiplatform firmware |
||
cisco ip phone 8851 firmware |
||
cisco ip phone 8851 with multiplatform firmware |
||
cisco ip phone 8861 firmware |
||
cisco ip phone 8861 with multiplatform firmware |
||
cisco ip phone 8865 with multiplatform firmware |
||
cisco ip phone 8865 firmware |
||
cisco wireless ip phone 8821 firmware |
Vulmon