Cisco Patches High-Severity Flaws in IP Phone, IND, BroadWorks Application Delivery Platform and Xtended Services products

On January 11, Cisco released multiple security updates to address high vulnerabilities that exist in Cisco IP Phone 7800 and 8800 Series, Industrial Network Director and BroadWorks Application Delivery Platform and Xtended Services Platform. A remote attacker could exploit some of these vulnerabilities to bypass authentication or cause a denial of service (DoS) condition or access sensitive data on an affected device.

The most severe of these issues is CVE-2023-20038 (CVSS score of 8.8), an information disclosure flaw in the Cisco Industrial Network Director that could allow an authenticated, local attacker to obtain sensitive information, caused by storage of a static key value in the application. By utilizing cryptographic attack techniques, an attacker could exploit this vulnerability to decrypt local data or access remote systems monitored by Cisco IND.

Cisco Industrial Network Director is also affected by CVE-2023-20037 (CVSS score of 5.4), a stored XSS flaw that exists because of improper validation of content that is submitted to the affected application, and which can be exploited using crafted HTTPS requests.

This week, Cisco also announced patches for CVE-2023-20020 and CVE-2023-20018, two security defects impacting the Cisco BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform and IP Phone 7800 and 8800 Series.

CVE-2023-20020 (CVSS score of 8.6) has been described as a denial of service, caused by improper input validation when parsing HTTP requests. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to cause all subsequent requests to be dropped, and results in a denial of service condition.

The improper validation of user-supplied input on the web-based management interface of IP Phone 7800 and 8800 series phones could allow a remote attacker to bypass authentication. By sending a specially-crafted request to the web-based management interface, an attacker could exploit CVE-2023-20018 (CVSS score of 8.6) to access certain restricted parts of the web interface.

Cisco says it is not aware of any malicious attacks targeting the vulnerabilities. Further information on the resolved vulnerabilities can be found on Cisco’s product security page.