Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on impacted products.
The issue, tracked as CVE-2023-20126, is rated 9.8 out of a highest of 10 on the CVSS scoring program. The organization credited Catalpa of DBappSecurity for reporting the shortcoming.
The solution in concern will make it feasible to hook up analog phones and fax machines to a VoIP assistance supplier devoid of necessitating an enhance.
Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.
Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).
➤ Activate Your Coupon Code
“This vulnerability is due to a missing authentication course of action within the firmware enhance purpose,” the business mentioned in a bulletin.
“An attacker could exploit this vulnerability by upgrading an influenced gadget to a crafted variation of firmware. A profitable exploit could allow the attacker to execute arbitrary code on the afflicted gadget with comprehensive privileges.”
Inspite of the severity of the flaw, the networking tools maker claimed it does not intend to launch fixes thanks to the reality the devices have arrived at conclude-of-existence (EoL) standing as of June 1, 2020.
It as an alternative is recommending that buyers migrate to a Cisco ATA 190 Collection Analog Phone Adapter, which is set to get its previous update on March 31, 2024. There is no evidence that the flaw has been maliciously exploited in the wild.
Observed this write-up appealing? Adhere to us on Twitter and LinkedIn to read through far more unique articles we publish.
Some areas of this post are sourced from:
thehackernews.com