CVE-2020-3111

HIGH

Cisco IP Phone Firmware - Remote Code Execution or DoS via Cisco Discovery Protocol

Title source: llm
STIX 2.1

Description

A vulnerability in the Cisco Discovery Protocol implementation for the Cisco IP Phone could allow an unauthenticated, adjacent attacker to remotely execute code with root privileges or cause a reload of an affected IP phone. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a crafted Cisco Discovery Protocol packet to the targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

References (2)

Core 2

Scores

CVSS v3 8.8
EPSS 0.0023
EPSS Percentile 46.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-20
Status published
Products (33)
cisco/ip_conference_phone_7832_firmware < 12.7\(1\)
cisco/ip_conference_phone_7832_with_multiplatform_firmware < 11.3\(1\)sr1
cisco/ip_conference_phone_8832_firmware < 12.7\(1\)
cisco/ip_conference_phone_8832_with_multiplatform_firmware < 11.3\(1\)sr1
cisco/ip_phone_6821_firmware < 11.3\(1\)sr1
cisco/ip_phone_6841_firmware < 11.3\(1\)sr1
cisco/ip_phone_6851_firmware < 11.3\(1\)sr1
cisco/ip_phone_6861_firmware < 11.3\(1\)sr1
cisco/ip_phone_6871_firmware < 11.3\(1\)sr1
cisco/ip_phone_7811_firmware < 12.7\(1\)
... and 23 more
Published Feb 05, 2020
Tracked Since Feb 18, 2026