Cyber Resilience

CVE-2023-20079

Critical

Published: 03 March 2023

Published
03 March 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0421 89.0th percentile
Risk Priority 22 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2023-20079 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Cisco Ip Phone 6871 Firmware. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 11.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

Multiple vulnerabilities affect the web-based management interface of certain Cisco IP Phones. These issues, tracked under CWE-121 and CWE-787, carry a CVSS score of 9.8 and can permit unauthenticated remote attackers to execute arbitrary code or trigger a denial-of-service condition.

An unauthenticated remote attacker can send specially crafted requests to the exposed management interface to exploit the flaws, achieving either full code execution with high impact on confidentiality, integrity, and availability or a DoS state without any user interaction or credentials.

The referenced Cisco Security Advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ip-phone-cmd-inj-KMFynVcP details the affected phone models and provides mitigation guidance, including software updates and configuration recommendations.

EPSS scores for this CVE reached a peak of 0.1357 after disclosure before receding to the current value of 0.0421.

EU & UK References

Vulnerability details

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section…

more

of this advisory.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

cisco
ip phone 6871 firmware
≤ 11.3.7sr1
cisco
ip phone 6861 firmware
≤ 11.3.7sr1
cisco
ip phone 6851 firmware
≤ 11.3.7sr1
cisco
ip phone 6841 firmware
≤ 11.3.7sr1
cisco
ip phone 6825 firmware
≤ 11.3.7sr1
cisco
ip phone 7861 firmware
≤ 11.3.7sr1
cisco
ip phone 7841 firmware
≤ 11.3.7sr1
cisco
ip phone 7832 firmware
≤ 11.3.7sr1
cisco
ip phone 7821 firmware
≤ 11.3.7sr1
cisco
ip phone 7811 firmware
≤ 11.3.7sr1
+11 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-787

Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.

References