Insecure File Permissions on Cisco Unified IP Phones by Cisco
CVE-2013-6685
Currently unrated
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 13 November 2013
What is CVE-2013-6685?
The firmware of Cisco Unified IP phones 8961, 9951, and 9971 is susceptible to a vulnerability arising from weak permissions assigned to memory block devices. This weakness enables local users to escalate their privileges by mounting a device that contains a setuid file within its filesystem. This can lead to unauthorized access and control over the device, posing a significant security threat.