Vulnerabilities > Cisco > ATA 192 Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-12-12 CVE-2022-20688 Improper Validation of Specified Quantity in Input vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields.
network
low complexity
cisco CWE-1284
5.3
2022-12-12 CVE-2022-20689 Improper Validation of Specified Quantity in Input vulnerability in Cisco products
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages.
low complexity
cisco CWE-1284
8.8
2022-12-12 CVE-2022-20690 Improper Validation of Specified Quantity in Input vulnerability in Cisco products
Multiple vulnerabilities in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause Cisco Discovery Protocol memory corruption on an affected device. These vulnerabilities are due to missing length validation checks when processing Cisco Discovery Protocol messages.
low complexity
cisco CWE-1284
8.8
2022-12-12 CVE-2022-20691 Improper Validation of Specified Quantity in Input vulnerability in Cisco products
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of an affected device. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields.
low complexity
cisco CWE-1284
6.5
2021-10-06 CVE-2021-34710 OS Command Injection vulnerability in Cisco products
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-78
8.8
2021-10-06 CVE-2021-34735 Unspecified vulnerability in Cisco products
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco
7.5