PT-2022-5300 · Cisco · Cisco Ata 190 Series Adaptive Telephone Adapter
Qian Chen
·
Published
2022-10-05
·
Updated
2024-11-18
·
CVE-2022-20766
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Cisco ATA 190 Series Adaptive Telephone Adapter firmware (affected versions not specified)
Description
A vulnerability in the Cisco Discovery Protocol functionality could allow an unauthenticated, remote attacker to cause a Denial of Service (DoS) condition on an affected device. This issue is due to an out-of-bounds read when processing Cisco Discovery Protocol packets. An attacker could exploit this by sending crafted packets to an affected device, potentially causing a service restart.
Recommendations
For the Cisco ATA 190 Series Adaptive Telephone Adapter firmware, update to the latest firmware version released by Cisco that addresses this issue.
As a temporary workaround, consider restricting access to the Cisco Discovery Protocol functionality until a patch is available.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ata 190 Series Adaptive Telephone Adapter