Denial of Service Vulnerability in Cisco 9900 IP Phones
CVE-2013-5526

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Ip Phone 9951; Unified Ip Phone 9971
Vendor: CVE Published:; 10 October 2013

Summary

The vulnerability in Cisco 9900 fourth-generation IP phones arises from improper SDP negotiation handling. This flaw enables remote attackers to exploit crafted SDP packets, leading to a denial of service condition where the device can be rebooted unexpectedly. This issue reflects on device stability and could impact ongoing communications, making it crucial for organizations using Cisco IP phones to assess their exposure and apply necessary security measures.

References

http://osvdb.org/98254

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/55231

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 10, 2013
Vulnerability Reserved
Aug 22, 2013