Vulnerabilities > Cisco > ATA 190 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-12-12 CVE-2022-20689 Improper Validation of Specified Quantity in Input vulnerability in Cisco products
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages.
low complexity
cisco CWE-1284
8.8
8.8
2022-12-12 CVE-2022-20690 Improper Validation of Specified Quantity in Input vulnerability in Cisco products
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages.
low complexity
cisco CWE-1284
8.8
8.8
2021-10-06 CVE-2021-34710 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-78
8.8
8.8
2021-10-06 CVE-2021-34735 Unspecified vulnerability in Cisco products
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco
7.5
7.5