CVE-2020-3574
HIGH
Cisco IP Phone Firmware - Denial of Service via TCP Packet Flood
Title source: llm
Description
A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulnerability is due to insufficient TCP ingress packet rate limiting. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the targeted device. A successful exploit could allow the attacker to impact operations of the phone or cause the phone to reload, leading to a denial of service (DoS) condition.
References (1)
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv
Scores
CVSS v3
7.5
EPSS
0.0318
EPSS Percentile
87.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-371
Status
published
Products (8)
cisco/ip_dect_210_firmware
< 4.8.1
cisco/ip_dect_6825_firmware
< 4.8.1
cisco/ip_phone_8811_firmware
< 11.3.2
cisco/ip_phone_8841_firmware
< 11.3.2
cisco/ip_phone_8851_firmware
< 11.3.2
cisco/ip_phone_8861_firmware
< 11.3.2
cisco/unified_ip_conference_phone_8831_firmware
9.3(4) servicerelease3
cisco/webex_room_phone_firmware
< 1.2.0
Published
Nov 06, 2020
Tracked Since
Feb 18, 2026