Jan Dubový

#37936 of 53,779
7.4 Total CVSS
Vulnerabilities · 1
PT-2019-1500
7.4
2019-02-20
Cisco · Cisco Small Business Spa5X5 Series Ip Phones · CVE-2019-1683
**Name of the Vulnerable Software and Affected Versions**

- Cisco Small Business SPA112 Series IP Phones version 1.4.2
- Cisco Small Business SPA525 Series IP Phones version 7.6.2
- Cisco Small Business SPA5X5 Series IP Phones version 7.6.2
- Cisco Small Business SPA500 Series IP Phones version 1.4.2

**Description**

A vulnerability in the certificate handling component of the Cisco IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Layer Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The issue is due to the improper validation of server certificates. An attacker could exploit this by crafting a malicious server certificate to present to the client, potentially allowing them to eavesdrop on TLS-encrypted traffic and route or redirect calls initiated by an affected device.

**Recommendations**

- For Cisco Small Business SPA112 Series IP Phones version 1.4.2, update the software to a version that properly validates server certificates.
- For Cisco Small Business SPA525 Series IP Phones version 7.6.2, update the software to a version that properly validates server certificates.
- For Cisco Small Business SPA5X5 Series IP Phones version 7.6.2, update the software to a version that properly validates server certificates.
- For Cisco Small Business SPA500 Series IP Phones version 1.4.2, update the software to a version that properly validates server certificates.