Cisco has released several security advisories to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
CERT Bulgaria encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates.
Cisco IP Phone 8800 Series Path Traversal Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipptv
Cisco IP Phone 8800 Series File Upload Denial of Service Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipfudos
Cisco IP Phone 8800 Series Authorization Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ipab
Cisco IP Phone 7800 Series and 8800 Series Remote Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-rce
Cisco IP Phone 8800 Series Cross-Site Request Forgery Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190320-ip-phone-csrf