Cyber Resilience

CVE-2022-20817

High

Published: 15 June 2022

Published
15 June 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.0089 76.0th percentile
Risk Priority 15 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-20817 is a high-severity PRNG (CWE-338) vulnerability in Cisco Unified Ip Phone 6911 Firmware. Its CVSS base score is 7.4 (High).

Operationally, ranked in the top 24.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing…

more

process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user's phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco
unified ip phone 6911 firmware
all versions
cisco
unified ip phone 6921 firmware
all versions
cisco
unified ip phone 6941 firmware
all versions
cisco
unified ip phone 6945 firmware
all versions
cisco
unified ip phone 6961 firmware
all versions
cisco
unified ip phone 8941 firmware
all versions
cisco
unified ip phone 8945 firmware
all versions
cisco
unified ip phone 8961 firmware
all versions
cisco
unified ip phone 9951 firmware
all versions
cisco
unified ip phone 9971 firmware
all versions
+1 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-338

Security associations share details on cryptographically weak PRNGs, helping avoid their implementation in security-critical functions.

addresses: CWE-338

Cryptographic key management standards require cryptographically strong PRNGs for key material, blocking use of weak generators.

References