Details of VAR-200209-0069

ID

VAR-200209-0069

TITLE

Cisco IP Phone 7960 Firmware Image File Unsigned Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-15111

DESCRIPTION

The Cisco IP Phone 7960 is a system that provides voice over IP networks. The firmware image file used by the Cisco IP Phone 7960 is not signed and can be exploited by remote attackers to use malicious firmware image files to entice users to download without being noticed. The firmware image file content used by the Cisco IP Phone 7960 is not signed and verified, so the client cannot determine whether the downloaded firmware information is legal. The higher version of the firmware image file is trusted by the device and is started when the device is started. And install. This process is transparent and does not require any user interaction. If an attacker can control the TFTP server, they can upload malicious firmware, causing malicious content to be installed on the device with this vulnerability. TFTP does not provide authentication. It is also theoretically possible for an attacker to substitute a malicious configuration file by exploiting this weakness

Trust: 0.81

sources: CNVD: CNVD-2013-15111 // BID: 5758

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2013-15111

AFFECTED PRODUCTS

vendor:	no	model:	-	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	ip phone	scope:	eq	version:	7960	Trust: 0.3

sources: CNVD: CNVD-2013-15111 // BID: 5758

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2013-15111
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2013-15111
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2013-15111

THREAT TYPE

network

Trust: 0.3

sources: BID: 5758

TYPE

Design Error

Trust: 0.3

sources: BID: 5758

EXTERNAL IDS

db:	BID	id:	5758	Trust: 0.9
db:	CNVD	id:	CNVD-2013-15111	Trust: 0.6

sources: CNVD: CNVD-2013-15111 // BID: 5758

REFERENCES

url:

http://marc.theaimsgroup.com/?l=bugtraq&m=103244631004785&w=2

Trust: 0.6

sources: CNVD: CNVD-2013-15111

CREDITS

Discovery of this issue is credited to "Ofir Arkin" <ofir@sys-security.com>.

Trust: 0.3

sources: BID: 5758

SOURCES

db:	CNVD	id:	CNVD-2013-15111
db:	BID	id:	5758

LAST UPDATE DATE

2022-05-17T02:07:52.048000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-15111	date:	2013-12-20T00:00:00
db:	BID	id:	5758	date:	2002-09-19T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2013-15111	date:	2002-09-19T00:00:00
db:	BID	id:	5758	date:	2002-09-19T00:00:00