Vulnslist


Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities

cisco-sa-phone-dos-FPyjLV7A · High · Published · Updated

Multiple vulnerabilities in Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco Session Initiation Protocol (SIP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or conduct a cross-site scripting (XSS) attack against a user of the web UI.

Note: To exploit these vulnerabilities, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.

For more information about these vulnerabilities, see the Details section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A

Workarounds

There are no workarounds that address these vulnerabilities. However, disabling Web Access mitigates these vulnerabilities.

To enable or disable Web Access on a specific device, follow these steps:

1. Log in to the Communications Manager to which the phone is registered using administrative privileges, which allow modification of devices.
2. Choose Device > Phone.
3. Enter the search criteria in the search box and click Find.
4. Choose the appropriate device from the Device Name list.
5. Under Web Access, use the toggle button to choose Enabled or Disabled, and click Save.

To verify that the desired state has been set, enter the IP address of the phone into a browser window on a device that has internet access, and click Enter.

To enable or disable Web Access on multiple devices, use the Bulk Admin Tool (BAT) as detailed in the Bulk Administration Guide for Cisco Unified Communications Manager (https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/bat/14SU1/cucm_b_bulk-administration-guide-14SU1/cucm_b_bulk-administration-guide-1251su2_chapter_01.html).
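
As an added example (not part of the Cisco advisory or any Cisco tooling), the browser verification step above can be scripted over an inventory of phones after a single-device or BAT change. It assumes the phone web UI listens on TCP 80 and/or 443 and that a phone with Web Access disabled refuses connections on those ports; the function names and sample addresses are hypothetical.

```python
"""Added example: audit phone Web Access state after a CUCM change."""
import socket
from concurrent.futures import ThreadPoolExecutor

# Assumption: the phone web UI answers on TCP 80 (HTTP) and/or 443 (HTTPS).
WEB_PORTS = (80, 443)


def probe(host, port, timeout=3.0):
    """Return 'open', 'closed' (refused) or 'no-answer' (timeout/unreachable)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # timeout, no route to host, and similar failures
        return "no-answer"


def web_access_state(host, ports=WEB_PORTS, timeout=3.0):
    """Classify one phone from its per-port probe results."""
    results = {p: probe(host, p, timeout) for p in ports}
    if "open" in results.values():
        state = "ENABLED"
    elif all(r == "closed" for r in results.values()):
        state = "DISABLED"
    else:
        state = "UNKNOWN"  # filtered or offline: re-check before trusting
    return state, results


def audit(hosts, expected="DISABLED", ports=WEB_PORTS, timeout=3.0, workers=16):
    """Return {host: (state, results)} for phones whose state != expected."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        states = pool.map(lambda h: web_access_state(h, ports, timeout), hosts)
        return {h: s for h, s in zip(hosts, states) if s[0] != expected}


if __name__ == "__main__":
    # Constructed sample inventory (TEST-NET-1 documentation addresses).
    phones = ["192.0.2.10", "192.0.2.11"]
    for host, (state, results) in audit(phones).items():
        print(f"{host}: {state} {results}")
```

Run it from a host that can reach the phones; an UNKNOWN result means the phone did not answer at all, so it confirms nothing about the Web Access setting.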

While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

CVEs: CVE-2025-20350, CVE-2025-20351
Cisco Bug IDs: CSCwn60484, CSCwn60491, CSCwn60480, CSCwn60493, CSCwn60481, CSCwn60482, CSCwn60492, CSCwn60494, CSCwn51601, CSCwn58676, CSCwn58685, CSCwn58674, CSCwn58673, CSCwn58683, CSCwn58687, CSCwn58684, CSCwn58671, CSCwn51683
CVSS Score: Base 7.5
Base 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X
Base 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Session Initiation Protocol (SIP) Software

CSAF Product Statuses

Product | Status | Source | CVE | Rows
Cisco Session Initiation Protocol (SIP) Software | known_affected | cisco_csaf | CVE-2025-20350, CVE-2025-20351 | 2

Related Products

Product | CVE | Evidence
Cisco IP phone | CVE-2025-20350 | Cisco OpenVuln
Cisco Session Initiation Protocol (SIP) Software | CVE-2025-20350 | Cisco OpenVuln
Cisco Unified Communications Manager | CVE-2025-20350 | Cisco OpenVuln
Cisco 8000 Series Routers | CVE-2025-20350 | Cisco OpenVuln
Cisco IP phone | CVE-2025-20351 | Cisco OpenVuln
Cisco Session Initiation Protocol (SIP) Software | CVE-2025-20351 | Cisco OpenVuln
Cisco Unified Communications Manager | CVE-2025-20351 | Cisco OpenVuln
Cisco 8000 Series Routers | CVE-2025-20351 | Cisco OpenVuln