Cisco IP Phones Information Disclosure (CVE-2022-20660)

medium Tenable OT Security Plugin ID 502121

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A vulnerability in the information storage architecture of several Cisco IP Phone models could allow an unauthenticated, physical attacker to obtain confidential information from an affected device.
This vulnerability is due to unencrypted storage of confidential information on an affected device. An attacker could exploit this vulnerability by physically extracting and accessing one of the flash memory chips. A successful exploit could allow the attacker to obtain confidential information from the device, which could be used for subsequent attacks.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

See Also

http://www.nessus.org/u?83486282

http://seclists.org/fulldisclosure/2022/Jan/34

http://www.nessus.org/u?18214ce3

Plugin Details

Severity: Medium

ID: 502121

Version: 1.1

Type: remote

Family: Tenable.ot

Published: 3/18/2024

Updated: 3/18/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2022-20660

CVSS v3

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 4.2

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ip_phone_8845_firmware, cpe:/o:cisco:ip_phone_8841_firmware, cpe:/o:cisco:unified_sip_phone_3905_firmware, cpe:/o:cisco:ip_phone_8861_firmware, cpe:/o:cisco:ip_phone_7821_firmware, cpe:/o:cisco:ip_phone_7841_firmware, cpe:/o:cisco:unified_ip_phone_7975g_firmware:-, cpe:/o:cisco:unified_ip_phone_8831_firmware, cpe:/o:cisco:ip_phone_8865_firmware, cpe:/o:cisco:wireless_ip_phone_8821-ex_firmware, cpe:/o:cisco:unified_ip_phone_7945g_firmware:-, cpe:/o:cisco:wireless_ip_phone_8821_firmware, cpe:/o:cisco:ip_phone_8851_firmware, cpe:/o:cisco:ip_phone_7811_firmware, cpe:/o:cisco:ip_phone_7861_firmware, cpe:/o:cisco:unified_ip_phone_7965g_firmware:-, cpe:/o:cisco:ip_phone_8811_firmware

Required KB Items: Tenable.ot/Cisco

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/14/2022

Vulnerability Publication Date: 1/14/2022

Reference Information

CVE: CVE-2022-20660

CWE: 312