{"id":38089,"date":"2023-05-08T09:18:40","date_gmt":"2023-05-08T13:18:40","guid":{"rendered":"https:\/\/www.technewsday.com\/?p=38089"},"modified":"2023-05-09T16:05:02","modified_gmt":"2023-05-09T20:05:02","slug":"critical-security-flaw-found-in-cisco-phone-adapter","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/critical-security-flaw-found-in-cisco-phone-adapter\/","title":{"rendered":"Critical security flaw found in Cisco phone adapter"},"content":{"rendered":"<p data-ar-index=\"1\">Cisco has issued an alert on a critical security flaw in its SPA112 2-Port Adapter, which is used by businesses to connect analog phones and fax machines to voice-over-IP systems without having to upgrade them.<\/p>\n<p data-ar-index=\"2\">The bug, known as CVE-2023-20126, has a base score of 9.8 out of 10 and is classified as critical. It may be used by a remote attacker to gain control of a compromised device and execute arbitrary code. According to Cisco, the vulnerability is caused by a missing authentication mechanism in the firmware upgrading function. An attacker might upgrade an affected device to a crafted version of firmware, allowing the attacker to execute arbitrary code with full privileges on the affected device.<\/p>\n<p data-ar-index=\"3\">The impacted adapter was phased out in June 2020, with Cisco recommending that clients switch to a Cisco ATA 190 Series Analog Telephone Adapter, which converts analog devices into IP devices for usage by corporations, small offices, and cloud operations.<\/p>\n<p data-ar-index=\"4\">According to Cisco&#8217;s Product Security Incident Response Team, there has been no exploitation of the issue, which was brought to the company&#8217;s notice by DBAPPsecurity.<\/p>\n<p data-ar-index=\"5\">The sources for this piece include an article in <a href=\"https:\/\/www.theregister.com\/2023\/05\/05\/cisco_phone_adapter_vulnerabilitty\/\" target=\"_blank\" rel=\"noopener\">TheRegister<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco has issued an alert on a critical security flaw in its SPA112 2-Port Adapter, which is used by businesses to connect analog phones and fax machines to voice-over-IP systems without having to upgrade them. The bug, known as CVE-2023-20126, has a base score of 9.8 out of 10 and is classified as critical. It [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[16],"tags":[255],"class_list":["post-38089","post","type-post","status-publish","format-standard","hentry","category-security","tag-cisco"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/38089","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=38089"}],"version-history":[{"count":2,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/38089\/revisions"}],"predecessor-version":[{"id":38091,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/38089\/revisions\/38091"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=38089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=38089"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=38089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}