CVE-2022-20691

Name of the Vulnerable Software and Affected Versions Cisco ATA 190 Series Adaptive Telephone Adapter (affected versions not specified)

Description The issue exists due to insufficient input validation in the Cisco Discovery Protocol implementation of the Cisco Analog Telephone Adapter (ATA) series 190 firmware. This could allow a remote attacker to cause a denial of service. The vulnerability is caused by missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit this by sending crafted Cisco Discovery Protocol packets to an affected device, potentially causing the device to exhaust available memory and restart the service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.