Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-3161

Cisco | Cisco IP PhonesAdded 2021-11-03Remediation Deadline 2022-05-03

Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability

Cisco IP Phones contain an improper input validation vulnerability for HTTP requests. Exploitation could allow an attacker to execute code remotely with root privileges or cause a denial-of-service (DoS) condition.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-20

References