Arbitrary Code Execution and DoS Vulnerabilities in Cisco IP Phone Web Interface

Arbitrary Code Execution and DoS Vulnerabilities in Cisco IP Phone Web Interface

CVE-2023-20079 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Multiple vulnerabilities in the web-based management interface of certain Cisco IP Phones could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

Learn more about our Cis Benchmark Audit For Cisco.