Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

7 November 2024

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that could allow remote, unauthenticated attackers to access sensitive information. This vulnerability, classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), is due to improper storage of sensitive information within the web user interface (UI) of Session Initiation Protocol (SIP)-based phone software.

Source: GBHackers

Date:

7 November 2024

Categorie(s):

NEWS

Tag(s):

Access, Cisco, Cyber Security News, Desk, Infrastructure Development

Industrial companies in Europe targeted with GuLoader7 November 2024
North Korean Hackers Use Fake News to Spread ‘Hidden Risk’ Malware7 November 2024
AudioEye Accessibility Protection Status identifies high-impact areas for improvement7 November 2024
Presentation: Beyond the Breach: Proactive Defense in the Age of Advanced Threats7 November 2024
Clicker Beware: Understanding and preventing open redirect attacks7 November 2024