CVE-2024-20445: Cisco IP phones expose sensitive data

Man

Just one call, and your data is no longer yours.

A critical vulnerability (CVE-2024-20445) has been discovered in a series of Cisco IP phones that could allow remote attackers to access sensitive information. Affected models include the Desk Phone 9800, IP Phone 7800 and 8800, and Video Phone 8875.

The problem is related to incorrect data storage in the web interface of devices using the SIP protocol, which leads to the exposure of sensitive information (CWE-200) when the Web Access function is enabled. Attackers can exploit this vulnerability by simply entering the IP address of the affected device.

A successful attack can give access to information such as call recordings, putting users' privacy at risk. It is important to note that the Web Access feature is disabled by default, which somewhat reduces the risk. However, when it is activated, the vulnerability becomes exploitable.

Cisco has confirmed the issue and released updates to address the vulnerability. Unfortunately, there is no way around the problem other than by updating the software. All users who have Web Access enabled should either disable this feature or update the software immediately.

At the time of publication, the vulnerability affects the Cisco Desk Phone 9800, IP Phone 7800 and 8800 models (excluding Wireless IP Phone 8821), and Video Phone 8875. To protect their data, users are encouraged to check whether Web Access is enabled and, if it is, disable it or install the updates.
