CVE-2015-4226

Name of the Vulnerable Software and Affected Versions Cisco 9900 phones version 9.3(2)

Description The issue is related to the packet-storing feature on Cisco 9900 phones, which does not properly support the RTP protocol. This allows remote attackers to cause a denial of service, resulting in a device hang, by sending malformed RTP packets after a call is answered.

Recommendations For Cisco 9900 phones version 9.3(2), consider updating the firmware to a version that properly supports the RTP protocol to prevent denial of service attacks. As a temporary workaround, restrict access to the RTP protocol on the affected phones to minimize the risk of exploitation.