CVE-2019-1683: Cisco SPA112, SPA525, and SPA5x5 Series IP Phones Certificate Validation Vulnerability
First published: Mon Feb 25 2019(Updated: )
A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. The vulnerability is due to the improper validation of server certificates. An attacker could exploit this vulnerability by crafting a malicious server certificate to present to the client. An exploit could allow an attacker to eavesdrop on TLS-encrypted traffic and potentially route or redirect calls initiated by an affected device. Affected software include version 7.6.2 of the Cisco Small Business SPA525 Series IP Phones and Cisco Small Business SPA5X5 Series IP Phones and version 1.4.2 of the Cisco Small Business SPA500 Series IP Phones and Cisco Small Business SPA112 Series IP Phones.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Spa112 Firmware | =1.4.2 | |
| Cisco SPA112 | ||
| Cisco Spa525 Firmware | =7.6.2 | |
| Cisco Spa525 | ||
| Cisco Spa5x5 Firmware | =7.6.2 | |
| Cisco Spa5x5 | ||
| Cisco Spa500 Firmware | =1.4.2 | |
| Cisco Spa500 | ||
| Cisco Spa500s Firmware | =1.4.2 | |
| Cisco Spa500s | ||
| Cisco Spa500ds Firmware | =1.4.2 | |
| Cisco Spa500ds | ||
| Cisco Spa501g Firmware | =1.4.2 | |
| Cisco Spa501g | ||
| Cisco Spa502g Firmware | =1.4.2 | |
| Cisco Spa502g | ||
| Cisco Spa504g Firmware | =1.4.2 | |
| Cisco Spa504g | ||
| Cisco Spa508g Firmware | =1.4.2 | |
| Cisco Spa508g | ||
| Cisco Spa509g Firmware | =1.4.2 | |
| Cisco Spa509g | ||
| Cisco Spa512g Firmware | =1.4.2 | |
| Cisco Spa512g | ||
| Cisco Spa514g Firmware | =1.4.2 | |
| Cisco Spa514g | ||
| Cisco Spa525g Firmware | =1.4.2 | |
| Cisco Spa525g | ||
| All of | ||
| Cisco Spa112 Firmware | =1.4.2 | |
| Cisco SPA112 | ||
| All of | ||
| Cisco Spa525 Firmware | =7.6.2 | |
| Cisco Spa525 | ||
| All of | ||
| Cisco Spa5x5 Firmware | =7.6.2 | |
| Cisco Spa5x5 | ||
| All of | ||
| Cisco Spa500 Firmware | =1.4.2 | |
| Cisco Spa500 | ||
| All of | ||
| Cisco Spa500s Firmware | =1.4.2 | |
| Cisco Spa500s | ||
| All of | ||
| Cisco Spa500ds Firmware | =1.4.2 | |
| Cisco Spa500ds | ||
| All of | ||
| Cisco Spa501g Firmware | =1.4.2 | |
| Cisco Spa501g | ||
| All of | ||
| Cisco Spa502g Firmware | =1.4.2 | |
| Cisco Spa502g | ||
| All of | ||
| Cisco Spa504g Firmware | =1.4.2 | |
| Cisco Spa504g | ||
| All of | ||
| Cisco Spa508g Firmware | =1.4.2 | |
| Cisco Spa508g | ||
| All of | ||
| Cisco Spa509g Firmware | =1.4.2 | |
| Cisco Spa509g | ||
| All of | ||
| Cisco Spa512g Firmware | =1.4.2 | |
| Cisco Spa512g | ||
| All of | ||
| Cisco Spa514g Firmware | =1.4.2 | |
| Cisco Spa514g | ||
| All of | ||
| Cisco Spa525g Firmware | =1.4.2 | |
| Cisco Spa525g |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2019-1683.
What is the severity of CVE-2019-1683?
The severity of CVE-2019-1683 is high, with a CVSS score of 7.4.
Which software is affected by CVE-2019-1683?
The Cisco SPA112, SPA525, and SPA5X5 Series IP Phones are affected by CVE-2019-1683.
How can an attacker exploit CVE-2019-1683?
An unauthenticated, remote attacker can exploit CVE-2019-1683 to listen to or control certain aspects of a TLS-encrypted SIP conversation.
Where can I find more information about CVE-2019-1683?
You can find more information about CVE-2019-1683 on the SecurityFocus and Cisco Security Advisory websites.
- collector/nvd-index
- agent/references
- agent/type
- agent/title
- agent/weakness
- agent/severity
- agent/description
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/cisco
- canonical/cisco spa112 firmware
- version/cisco spa112 firmware/1.4.2
- canonical/cisco spa112
- canonical/cisco spa525 firmware
- version/cisco spa525 firmware/7.6.2
- canonical/cisco spa525
- canonical/cisco spa5x5 firmware
- version/cisco spa5x5 firmware/7.6.2
- canonical/cisco spa5x5
- canonical/cisco spa500 firmware
- version/cisco spa500 firmware/1.4.2
- canonical/cisco spa500
- canonical/cisco spa500s firmware
- version/cisco spa500s firmware/1.4.2
- canonical/cisco spa500s
- canonical/cisco spa500ds firmware
- version/cisco spa500ds firmware/1.4.2
- canonical/cisco spa500ds
- canonical/cisco spa501g firmware
- version/cisco spa501g firmware/1.4.2
- canonical/cisco spa501g
- canonical/cisco spa502g firmware
- version/cisco spa502g firmware/1.4.2
- canonical/cisco spa502g
- canonical/cisco spa504g firmware
- version/cisco spa504g firmware/1.4.2
- canonical/cisco spa504g
- canonical/cisco spa508g firmware
- version/cisco spa508g firmware/1.4.2
- canonical/cisco spa508g
- canonical/cisco spa509g firmware
- version/cisco spa509g firmware/1.4.2
- canonical/cisco spa509g
- canonical/cisco spa512g firmware
- version/cisco spa512g firmware/1.4.2
- canonical/cisco spa512g
- canonical/cisco spa514g firmware
- version/cisco spa514g firmware/1.4.2
- canonical/cisco spa514g
- canonical/cisco spa525g firmware
- version/cisco spa525g firmware/1.4.2
- canonical/cisco spa525g