| Security Advisory: | Cisco Detects Critical Vulnerability in IP-Telephones |
|---|
In a recent security advisory, Cisco has detected a critical vulnerability in its series of IP-telephones. The vulnerability, identified as CVE-2024-2045, allows remote attackers to gain access to confidential information. The affected models include Desk Phone 9800, IP Phone 7800 and 8800, as well as Video Phone 8875.
The vulnerability stems from incorrect data storage in the web interface of devices that use the SIP protocol. This flaw leads to the exposure of sensitive information (CWE-200) when the web access function is enabled. By simply accessing the IP address of a vulnerable device, attackers can exploit this vulnerability to gain unauthorized access to confidential data.
/Reports, release notes, official announcements.