Vulnerabilities > Cisco > Spa500S Firmware > 1.4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-17 | CVE-2019-1923 | Improper Input Validation vulnerability in Cisco products A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. | 6.6 |
| 2019-02-25 | CVE-2019-1683 | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the certificate handling component of the Cisco SPA112, SPA525, and SPA5X5 Series IP Phones could allow an unauthenticated, remote attacker to listen to or control some aspects of a Transport Level Security (TLS)-encrypted Session Initiation Protocol (SIP) conversation. | 7.4 |