Networking company Cisco Systems has issued a warning about its SPA112 2-Port Phone Adapter. It seems vulnerable to RCE attacks on the management interface.

The Cisco SPA112 2-Port Phone management interface appears to be vulnerable to RCE attacks. The company reports this itself.

The problem

With a CVSS score of 9.8 out of 10, the vulnerability given to tracker CVE-2023-20126 is a huge risk. Someone with ill intentions can easily add code to the system and basically has a free hand. Specific examples of infections are not currently known to Cisco, but this is always subject to change. So vigilance is advisable.

This type of adapter is very popular because it allows analog phones to be added to a VoIP network without any upgrades. This often happens without an online connection, which allows the vulnerability to be exploited via the internal network.

When someone gains access in this way, it usually stays under the radar of security software, as such devices are rarely monitored. The SPA112 is also about to become obsolete and is no longer supported by Cisco.

Not much to do

The company made no suggestions to fix CVE-2023-20126 in its security report. Cisco limits itself to a general warning to replace the adapters in question or at least to provide them with additional security.

Of course, a possible replacement is immediately suggested: the Cisco ATA 190 Series Analog Telephone Adapter. The supported lifetime is provided until March next year.