fkie_cve-2019-15959
Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-21 04:29
Severity ?
6.6 (Medium) - CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by accessing the physical interface of a device and inserting a USB storage device. A successful exploit could allow the attacker to execute scripts on the device in an elevated security context.
References
psirt@cisco.comhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-spa500-scriptVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-spa500-scriptVendor Advisory
Impacted products
Vendor Product Version
cisco spa500_series_ip_phones_firmware *
cisco spa500ds -
cisco spa500s -
cisco spa501g -
cisco spa502g -
cisco spa504g -
cisco spa512g -
cisco spa514g -
cisco spa525g -
cisco spa525g2 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:spa500_series_ip_phones_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B676D2B9-4046-450A-BFD5-000CBAE26955",
              "versionEndIncluding": "7.5.7\\(5\\)",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:spa500ds:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C7B9304-CCA9-41C0-A6B9-032DC923420C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa500s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B2A148-467A-4F10-945C-1F49A218BD4F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa501g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B67905-79ED-4771-B436-49868BA7C922",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa502g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D371387F-C7CC-46BB-85E9-419EF97D2A00",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa504g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3FE12AB-1CC7-450D-88F2-7B06C51DCE7C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa512g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92A92FEE-7CB5-43B1-8AC3-00C077DD4A63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa514g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "16C4089F-5B9F-4D69-8819-43B52309454F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa525g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5602EAB-6507-4B5B-A05B-4FED970B43D0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:spa525g2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "58E0A339-CE89-4D27-B08D-BF151C9FF086",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker could exploit this vulnerability by accessing the physical interface of a device and inserting a USB storage device. A successful exploit could allow the attacker to execute scripts on the device in an elevated security context."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Cisco Small Business SPA500 Series IP Phones, podr\u00eda permitir a un atacante cercano f\u00edsicamente ejecutar comandos arbitrarios en el dispositivo.\u0026#xa0;La vulnerabilidad es debido a la presencia de una prueba de desarrollo y una verificaci\u00f3n de scripts que permanecieron en el dispositivo.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el acceso a la interfaz f\u00edsica de un dispositivo e insertando un dispositivo de almacenamiento USB.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar scripts en el dispositivo en un contexto de seguridad elevado"
    }
  ],
  "id": "CVE-2019-15959",
  "lastModified": "2024-11-21T04:29:49.480",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-23T01:15:12.863",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-spa500-script"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-spa500-script"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.