CVE-2019-1683

moderate-risk

Published 2019-02-25

A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server certificates. An attacker could exploit this vulnerability by crafting a malicious server certificate to present to the client. An exploit could allow an attacker to eavesdrop on TLS-encrypted traffic and potentially route or redirect calls initiated by an affected device. Affected software include version 7.6.2 of the Cisco Small Business SPA525 Series IP Phones and Cisco Small Business SPA5X5 Series IP Phones and version 1.4.2 of the Cisco Small Business SPA500 Series IP Phones and Cisco Small Business SPA112 Series IP Phones.

Do I need to act?

0.17% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.4/10 High

NETWORK / HIGH complexity

Affected Products (14)

Spa112 Firmware

Spa525 Firmware

Spa5X5 Firmware

Spa500 Firmware

Spa500S Firmware

Spa500Ds Firmware

Spa501G Firmware

Spa502G Firmware

Spa504G Firmware

Spa508G Firmware

Spa509G Firmware

Spa512G Firmware

Spa514G Firmware

Spa525G Firmware

Affected Vendors

Cisco

References (4)

Broken Link http://www.securityfocus.com/bid/107111

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

Broken Link http://www.securityfocus.com/bid/107111

Vendor Advisory https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2...

/ 100

moderate-risk

Severity 22/34 · High

Exploitability 1/34 · Minimal

Exposure 18/34 · Moderate