"Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters"
"Cisco Patches High-Severity Vulnerabilities in Analog Telephone Adapters"
Cisco recently announced patches for eight vulnerabilities in the firmware of ATA 190 series analog telephone adapters, including two high-severity flaws leading to configuration changes and cross-site request forgery (CSRF) attacks. The first high-severity flaw, CVE-2024-20458, impacts the web-based management interface of the firmware and exists because specific HTTP endpoints lack authentication, allowing remote, unauthenticated attackers to browse to a specific URL and view or delete configurations or modify the firmware.