CVE-2022-20968

Name of the Vulnerable Software and Affected Versions Cisco IP Phone 7800 and 8800 Series firmware versions prior to 14.2

Description A vulnerability in the Cisco Discovery Protocol processing feature could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device. This is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this by sending crafted Cisco Discovery Protocol traffic to an affected device, potentially allowing remote code execution or a denial of service (DoS) condition. The vulnerability is caused by insufficient validation of received Cisco Discovery Protocol packets.

Recommendations For Cisco IP Phone 7800 and 8800 Series firmware versions prior to 14.2, consider disabling the Cisco Discovery Protocol on affected IP phones as a temporary workaround, especially since these devices also support the Link Layer Discovery Protocol (LLDP). However, before deploying any workarounds or mitigation measures, evaluate their applicability to your environment and potential impact. At the moment, there is no information about a newer version that contains a fix for this vulnerability.