

APT Group Gamaredon aka Shuckworm – Active IOCs
August 9, 2024
North Korean Kimsuky Group Targets University Professors for Cyber Espionage – Active IOCs
August 9, 2024
APT Group Gamaredon aka Shuckworm – Active IOCs
August 9, 2024
North Korean Kimsuky Group Targets University Professors for Cyber Espionage – Active IOCs
August 9, 2024Severity
Medium
Analysis Summary
CVE-2024-20452 CVSS:9.8
Cisco Small Business SPA300 Series and SPA500 Series IP Phones are vulnerable to a buffer overflow, caused by improper bounds checking. By sending specially crafted HTTP packets, a remote attacker could overflow a buffer and execute arbitrary commands at the root privilege level.
CVE-2024-20454 CVSS:9.8
Cisco Small Business SPA300 Series and SPA500 Series IP Phones are vulnerable to a buffer overflow, caused by improper bounds checking. By sending specially crafted HTTP packets, a remote attacker could overflow a buffer and execute arbitrary commands at the root privilege level. These vulnerabilities exist because incoming HTTP packets are not properly checked for errors, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to overflow an internal buffer and execute arbitrary commands at the root privilege level.
CVE-2024-20451 CVSS:7.5
Cisco Small Business SPA300 Series and SPA500 Series IP Phones are vulnerable to a denial of service, caused by buffer overflow. By sending specially crafted HTTP packets, a remote attacker could exploit this vulnerability to cause device to reload unexpectedly.
CVE-2024-20453 CVSS:7.5
Cisco Small Business SPA300 Series and SPA500 Series IP Phones are vulnerable to a denial of service, caused by buffer overflow. By sending specially crafted HTTP packets, a remote attacker could exploit this vulnerability to cause device to reload unexpectedly.
CVE-2024-20450 CVSS:9.8
Cisco Small Business SPA300 Series and SPA500 Series IP Phones are vulnerable to a buffer overflow, caused by improper bounds checking. By sending specially crafted HTTP packets, a remote attacker could overflow a buffer and execute arbitrary commands at the root privilege level.
Impact
- Gain Access
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-20452
- CVE-2024-20454
- CVE-2024-20451
- CVE-2024-20453
- CVE-2024-20450
Affected Vendors
Affected Products
- Cisco Small Business SPA500 Series IP Phones
- Cisco Small Business SPA300 Series IP Phones
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.