CVE-2022-20817

A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager (CUCM) is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could result in duplicated manufactured keys installed on multiple devices. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on the secure communication between the phone and the CUCM. A successful exploit could allow the attacker to impersonate another user's phone. This vulnerability cannot be addressed with software updates. There is a workaround that addresses this vulnerability.

CVSS v3 7.4 HIGH
CVSS v2.0 4.0 MEDIUM

7.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:N

Exploitability : 4.9 / Impact : 4.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cp6901-dup-cert-82jdJGe4	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_6911:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_6911_firmware:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_6921:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_6921_firmware:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_6941:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_6941_firmware:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_6945:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_6945_firmware:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_6961:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_6961_firmware:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_8941:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_8941_firmware:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_8945:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_8945_firmware:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:h:cisco:unified_ip_phone_8961:-:*:*:*:*:*:*:*

cpe:2.3:o:cisco:unified_ip_phone_8961_firmware:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_9951_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_9951:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:cisco:unified_ip_phone_9971_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:unified_ip_phone_9971:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:cisco:ata_187_analog_telephone_adapter_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:ata_187_analog_telephone_adapter:-:*:*:*:*:*:*:*

History

27 Jun 2022, 18:36

Type	Values Removed	Values Added
CWE		CWE-338
First Time		Cisco unified Ip Phone 8941 Cisco unified Ip Phone 6945 Cisco unified Ip Phone 6941 Firmware Cisco unified Ip Phone 6921 Cisco unified Ip Phone 6911 Cisco unified Ip Phone 9951 Firmware Cisco unified Ip Phone 6921 Firmware Cisco unified Ip Phone 8941 Firmware Cisco unified Ip Phone 8961 Cisco unified Ip Phone 6961 Firmware Cisco unified Ip Phone 9951 Cisco ata 187 Analog Telephone Adapter Cisco ata 187 Analog Telephone Adapter Firmware Cisco unified Ip Phone 8945 Cisco unified Ip Phone 9971 Cisco unified Ip Phone 6911 Firmware Cisco unified Ip Phone 6945 Firmware Cisco unified Ip Phone 8945 Firmware Cisco Cisco unified Ip Phone 8961 Firmware Cisco unified Ip Phone 6941 Cisco unified Ip Phone 9971 Firmware Cisco unified Ip Phone 6961
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.0 v3 : 7.4
References	~~(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cp6901-dup-cert-82jdJGe4 -~~	(CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cp6901-dup-cert-82jdJGe4 - Vendor Advisory
CPE		cpe:2.3:h:cisco:unified_ip_phone_9951:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_8945:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_6961:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_6921_firmware:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_8945_firmware:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_6911_firmware:-:::::::* cpe:2.3:o:cisco:ata_187_analog_telephone_adapter_firmware:::::::: cpe:2.3:h:cisco:unified_ip_phone_6945:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_6961_firmware:-:::::::* cpe:2.3:h:cisco:ata_187_analog_telephone_adapter:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_8961:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_8961_firmware:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_6945_firmware:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_9971_firmware:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_8941_firmware:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_6911:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_6941:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_6941_firmware:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_6921:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_9971:-:::::::* cpe:2.3:o:cisco:unified_ip_phone_9951_firmware:-:::::::* cpe:2.3:h:cisco:unified_ip_phone_8941:-:::::::*

15 Jun 2022, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-06-15 18:15

Updated : 2023-12-10 14:22

NVD link : CVE-2022-20817

Mitre link : CVE-2022-20817

CVE.ORG link : CVE-2022-20817

JSON object : View

Products Affected

cisco

unified_ip_phone_6945_firmware
ata_187_analog_telephone_adapter
unified_ip_phone_8961
unified_ip_phone_8941_firmware
unified_ip_phone_6911_firmware
unified_ip_phone_9971
unified_ip_phone_6961
unified_ip_phone_8945_firmware
unified_ip_phone_8945
unified_ip_phone_6941_firmware
unified_ip_phone_6961_firmware
unified_ip_phone_6921
unified_ip_phone_6911
ata_187_analog_telephone_adapter_firmware
unified_ip_phone_6921_firmware
unified_ip_phone_8961_firmware
unified_ip_phone_9971_firmware
unified_ip_phone_9951
unified_ip_phone_6941
unified_ip_phone_6945
unified_ip_phone_9951_firmware
unified_ip_phone_8941

CWE

CWE-338

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

7.4 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

4.0 /10

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2022-20817

7.4^/10

4.0^/10

Attach tags to `CVE-2022-20817`