Cisco fixes serious bug in VoIP phones

The company also patched three medium-severity flaws in its network security systems

Several customers may be affected by a high-severity flaw discovered in Cisco’s Voice over Internet Protocol (VoIP) phones. The manufacturer released a patch last Wednesday.

Cisco also fixed two medium-severity flaws in its FireSIGHT management platform for network security, and a medium-severity problem in Web Security Appliance. Finally, it issued a fix for a high-severity bug in StarOS, its platform for mobile operator routers.

CVE-2018-0341, the most critical of the vulnerabilities, would allow command injection and remote code execution on IP Phones, including bleeding-edge models with HD video call function. Specialists in secure data destruction mention that, due to insufficient input validation, an authenticated user could send crafted commands to a specific user input field, compromising the user interface that is linked to the phones. This could result in the ability to inject and execute arbitrary commands, opening the door for hackers to listen to conversations, make phone calls, or even more.

The vulnerability, found internally by the vendor, affects IP Phone 6800, 7800 and 8800 series devices that run a version of multiplatform firmware prior to version 11.2(1). According to specialists in secure data destruction, no exploits have yet been seen in the wild, and the requirement that an attacker log in to the user interface to launch an attack mitigates the severity of the problem.
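The affected range above can be turned into an inventory check. The following Python is an added example, not code from Cisco or from the original article; the inventory rows, the function names and the assumption that every listed phone runs multiplatform firmware are constructed for illustration.

```python
import re

# From the article: affected series 6800/7800/8800, first fixed release 11.2(1).
AFFECTED_SERIES = ("68", "78", "88")
FIXED = (11, 2, 1)

# Matches the "major.minor(maintenance)" form the article uses, e.g. "11.2(1)".
# Whitespace before the parenthesis and any trailing suffix are tolerated.
VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\s*\((\d+)\)")

def parse_version(text):
    """Return (major, minor, maintenance) as ints, or None if unparseable."""
    m = VERSION_RE.match(text)
    return tuple(int(g) for g in m.groups()) if m else None

def triage(model, firmware):
    """Classify one phone: not-affected-series, vulnerable, fixed, or review."""
    digits = re.search(r"\d{4}", model)
    if not digits or digits.group()[:2] not in AFFECTED_SERIES:
        return "not-affected-series"
    version = parse_version(firmware)
    if version is None:
        # Never treat an unreadable version as safe; send it to a human.
        return "review"
    # Tuple comparison is numeric per field, so 11.10(1) sorts after 11.2(1).
    return "vulnerable" if version < FIXED else "fixed"

# Constructed inventory rows (model, firmware string); not real devices.
# Assumption: all rows are phones running multiplatform firmware.
INVENTORY = [
    ("6821", "11.1(2)"),
    ("7841", "11.2 (1)"),
    ("8851", "11.2(3)SR1"),
    ("8865", "10.4(1)"),
    ("8811", "unknown"),
    ("7960", "9.4(2)"),
]

def report(inventory):
    """Return (model, firmware, status) for every inventory row."""
    return [(m, f, triage(m, f)) for m, f in inventory]

if __name__ == "__main__":
    for model, fw, status in report(INVENTORY):
        print(f"{model:6} {fw:12} {status}")
```

Phones reported as `vulnerable` or `review` are the ones to prioritise for the 11.2(1) update.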

Cisco also released fixes for two medium-severity flaws in the Cisco FireSIGHT System software, which provides centralized management for network security and operational functions for Cisco ASA with FirePOWER services and Cisco FirePOWER network security devices.

The first flaw (CVE-2018-0383) is a file policy bypass vulnerability, found in the FireSIGHT detection engine. An unauthenticated remote attacker could send a maliciously crafted FTP connection to transfer a file to an affected device; that file could contain malware created to disable detection mechanisms in the system or perform other malicious actions.

According to experts in information security and secure data destruction, an exploit could allow the attacker to circumvent a file policy that is configured to apply the ‘block load’ with the reboot action to FTP traffic.

The second vulnerability (CVE-2018-0384) in the same detection engine could allow an unauthenticated remote attacker to bypass a URL-based access control policy that is configured to block traffic on an affected system.

Another medium-severity flaw (CVE-2018-0366) is a cross-site scripting vulnerability in the web-based management interface of the Cisco Web Security Appliance.

Through social engineering, a malicious agent could convince an interface user to click on a specially designed link that would then give attackers the ability to run arbitrary scripts on the interface or allow the attacker access to sensitive information held in the user’s browser.

Meanwhile, Cisco has also corrected two high-severity vulnerabilities (CVE-2018-0369) in StarOS. StarOS drives next-generation mobile networks, which support everything from tablets and smartphones to connected automobiles, smart-city and other Internet of Things implementations. The platform provides virtualization and intelligence for mobile network architectures, and enables the allocation of dynamic resources for mobile networks and services.

Internal security tests discovered vulnerabilities in the reassembly logic for fragmented IPv4 packets in Cisco StarOS running on virtual platforms. An exploit could allow an attacker to cause a denial-of-service (DoS) condition.