VDB
CVE-2022-20968
CVE-2022-20968
PUBLISHED
CVSS 8.100000381469727 HIGH
Une vulnérabilité a été découverte dans le produit Cisco IP Phone. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.
EPSS 8.03% · 92.3th percentile
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
EPSS Score
8.03%
92.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | IP Phone | |
| cisco | ip_phone_7821_firmware | *, *, * |
| cisco | ip_phone_8811_firmware | 9.3\(3\), *, * |
| cisco | ip_phone_8841_firmware | 9.3\(4\)sr1, 9.3\(3\), 9.3\(4\)sr2 |
| cisco | ip_phone_8861_firmware | 9.3\(3\), 9.3\(4\), 9.3\(4\)sr1 |
| cisco | ip_phone_7811_firmware | 12.0\(1\)sr3, 9.3\(3\), 9.3\(4\) |
| cisco | ip_phone_8865_firmware | 9.3\(4\), *, * |
| cisco | ip_phone_7861_firmware | 14.0\(1\)sr3, 9.3\(4\), 9.3\(4\)sr1 |
| cisco | ip_phone_8831_firmware | 9.3\(4\), *, * |
| cisco | ip_phone_8845_firmware | 9.3\(3\), *, * |
| cisco | ip_phone_7832_firmware | *, *, * |
| cisco | ip_phone_8851_firmware | 9.3\(3\), *, * |
| cisco | ip_phone_7841_firmware | 9.3\(3\), 9.3\(4\), 9.3\(4\)sr3 |
| Cisco | Cisco Session Initiation Protocol (SIP) Software | 10.2(1)SR1, *, * |
| cisco | ip_phone_8832_firmware | 9.3\(4\)sr1, 9.3\(3\), 9.3\(4\)sr2 |
Exploit Intelligence
- cisco-sa-ipp-oobwrite-8cMF5r7U (circl)
Timeline
- Dec 8, 2022 CVE Published
- Dec 13, 2022 EPSS Score
- Jan 24, 2023 EPSS Score
- Apr 18, 2023 EPSS Score
- May 29, 2023 EPSS Score
- Jul 10, 2023 EPSS Score
- Oct 2, 2023 EPSS Score
- Nov 13, 2023 EPSS Score
- Dec 25, 2023 EPSS Score
- Mar 17, 2024 EPSS Score
- Apr 28, 2024 EPSS Score
- Jun 9, 2024 EPSS Score