As a business owner, it’s important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series.
This new vulnerability is caused by inadequate input validation of packets using the Cisco Discovery Protocol. In other words, a threat actor could take advantage of this flaw by sending specially made Cisco Discovery Protocol traffic to a vulnerable device. If successful, the threat actor could cause a stack overflow, leading to a possible denial of service (DoS) condition or remote code execution on the affected device.
Unfortunately, there is currently no security update or workaround available to address the CVE-2022-20968 vulnerability. However, Cisco has provided mitigation guidance for business owners who wish to protect their vulnerable devices from attacks.
Cisco recommends disabling Cisco Discovery Protocol on IP Phone 7800 and 8800 Series devices and enabling Link Layer Discovery Protocol (LLDP) for neighbor discovery to mitigate this vulnerability. It is crucial that business owners carefully assess the potential impact on their devices and determine the best way to implement this change.
It’s worth noting that this mitigation is only available for devices that support LLDP for neighbor discovery. If you are using affected devices, you must take the necessary steps to protect your organization from this vulnerability. This may require some diligence on your part, but it is worth it to ensure the security of your business.