CVE-2024-20450

high-risk

Published 2024-08-07

Multiple vulnerabilities in the web-based management interface of Cisco Small Business SPA300 Series IP Phones and Cisco Small Business SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system with root privileges. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.

Do I need to act?

22.9% chance of exploitation in next 30 days

EPSS score — higher than 77% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (11)

Spa 301 Firmware

Spa 303 Firmware

Spa 501G Firmware

Spa 502G Firmware

Spa 504G Firmware

Spa 508G Firmware

Spa 509G Firmware

Spa 512G Firmware

Spa 514G Firmware

Spa 525G Firmware

Spa 525G2 Firmware

Affected Vendors

Cisco

References (1)

Vendor Advisory https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 14/34 · Moderate

Exposure 16/34 · Moderate