A vulnerability in the TFTP implementation of the Cisco Small Business SPA30X and SPA50X IP Phones could allow an unauthenticated, local attacker to load arbitrary firmware images onto the affected device.

The vulnerability is due to insufficient file integrity checks of the firmware image. An attacker could exploit this vulnerability by gaining access to the local shell of the device and loading an arbitrary firmware image onto the device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ipp
