Cisco ATA 190 Telephone Adapter Flaw Exposes Devices To Remote Takeover
Cisco has issued a critical security advisory concerning multiple vulnerabilities in its ATA 190 Series Analog Telephone Adapters.
These vulnerabilities could potentially allow remote attackers to execute arbitrary code, posing significant risks to affected devices.
Cisco ATA 190 Telephone Adapter Vulnerabilities
The advisory highlights several vulnerabilities, each with varying degrees of severity and potential impact:
CVE-2024-20458: This vulnerability allows unauthenticated, remote attackers to view or delete configurations and change firmware due to a lack of authentication on specific HTTP endpoints. It has a high-security impact rating with a CVSS score of 8.2.
CVE-2024-20421: This cross-site request forgery (CSRF) vulnerability enables attackers to perform arbitrary actions on affected devices by persuading users to click on crafted links. It carries a high-security impact rating with a CVSS score of 7.1.
CVE-2024-20459: An authenticated attacker with high privileges could exploit this command injection vulnerability to execute arbitrary commands as the root user on the underlying operating system.
Its CVSS score is 6.5, indicating a medium security impact.
Other vulnerabilities include reflected cross-site scripting (XSS), privilege escalation, and information disclosure issues, each contributing to the overall risk profile of the affected devices.
These vulnerabilities arise from insufficient input validation, incorrect authorization verification, and improper sanitization processes within the web-based management interface and command-line interface (CLI) of the adapters.
Cisco has released firmware updates addressing these vulnerabilities. However, there are no workarounds available for these issues. Some mitigations are possible for specific vulnerabilities, such as disabling the web-based management interface in certain configurations.
Cisco strongly recommends that users apply these updates promptly to secure their devices.
The discovery of these vulnerabilities underscores the ongoing challenges in securing network infrastructure devices like telephone adapters.
As organizations increasingly rely on VoIP technology for communication, ensuring the security of such devices becomes paramount.
Cisco’s proactive release of patches reflects its commitment to maintaining product security but also highlights the necessity for organizations to remain vigilant and responsive to emerging threats.
In conclusion, while Cisco has provided solutions through firmware updates, users must act quickly to implement these patches to mitigate potential exploitation risks.
The advisory serves as a reminder of the critical importance of regular security assessments and updates in safeguarding networked devices against evolving cyber threats.