CVE-2023-20078
Published: 03 March 2023
Summary
CVE-2023-20078 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Cisco Ip Phone 6871 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 9.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Multiple vulnerabilities affect the web-based management interface of certain Cisco IP Phones, with the issues rooted in stack-based buffer overflows and out-of-bounds writes as indicated by the associated CWEs. These flaws enable unauthenticated remote attackers to trigger arbitrary code execution or denial-of-service conditions on the affected devices, reflected in the critical CVSS 9.8 score with network attack vector and no required privileges or user interaction.
An unauthenticated remote attacker can send specially crafted requests to the exposed web interface to achieve full code execution or crash the phone, compromising both confidentiality and availability without any prior authentication.
The official Cisco Security Advisory at the referenced URL details the affected phone models and available software updates that address the command injection and memory safety issues. The EPSS score rose materially from low values after disclosure to a peak of 0.2010 on 2025-12-11 before receding, indicating that exploitation interest emerged well after the initial publication and warrants renewed attention.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-24257
Vulnerability details
Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section…
more
of this advisory.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.