Attackers could target Cisco’s SPA112 VoIP adapter and run malicious code on it. Because the device has reached the end of support, it no longer receives security updates. Admins who still use the device should quickly consider an alternative.
The adapter converts, among other things, analog telephones and fax machines into VoIP devices. It is mainly used in office and company environments.
Dangerous firmware update possible
In a warning message, the network equipment supplier classifies the vulnerability (CVE-2023-20126) as “critical”. Because the firmware upgrade lacks authentication, attackers could target the web management interface and install manipulated firmware. They could then execute malicious code with full rights on the device. Attackers could use this to spread to other devices via the network and thus completely compromise systems.
According to an article, support with security updates expired in June 2020. There is also no workaround to protect the VoIP adapter against the attack described. Security gaps have remained open since then, and the devices are an acute security risk for companies.
Cisco states that it is currently not aware of any attacks exploiting the vulnerability. However, since details of the vulnerability are now publicly known, attacks could be imminent, and admins should act promptly and take the vulnerable devices out of service.
Switch now!
As a replacement to switch to, the network equipment supplier names the ATA 190 Series Analog Telephone Adapter. Support for this should run until the end of March 2024.