Cisco discloses high-severity IP phone zero-day with exploit code


The newest generation of Cisco’s IP phones are vulnerable to remote code execution and denial of service (DoS) attacks due to a high-severity zero-day vulnerability that Cisco reported today.

The business issued a warning on Thursday, noting that the PSIRT (Product Security Incident Response Team) is “aware that proof-of-concept exploit code is available” and that the “vulnerability has been publicly publicised.” Cisco’s PSIRT did add that it has not yet heard of any attempts to use this security hole in attacks, though.

Read More…