Cisco Desk/IP/Video Phone Cross Site Scripting (cisco-sa-phone-dos-FPyjLV7A) (CVE-2025-20351)

medium Nessus Plugin ID 271390

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

According to its self-reported version, the remote Cisco Desk, IP, or Video Phone running SIP Software is affected by a cross-site scripting vulnerability:

- A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of the web UI. This vulnerability exists because the web UI of an affected device does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
(CVE-2025-20351)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.

Solution

Upgrade to the relevant fixed version referenced in Cisco bug IDs CSCwn51683, CSCwn58671, CSCwn58673, CSCwn58674, CSCwn58676, CSCwn58683, CSCwn58684, CSCwn58685, or CSCwn58687.

See Also

http://www.nessus.org/u?83c0dd77

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn51683

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58671

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58673

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58674

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58676

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58683

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58684

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58685

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn58687

Plugin Details

Severity: Medium

ID: 271390

File Name: cisco-sa-phone-dos-FPyjLV7A_CVE-2025-20351.nasl

Version: 1.1

Type: combined

Family: CISCO

Published: 10/24/2025

Updated: 10/24/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.8

CVSS v2

Risk Factor: Medium

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2025-20351

CVSS v3

Risk Factor: Medium

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vulnerability Information

CPE: x-cpe:/h:cisco:ip_phone, x-cpe:/o:cisco:ip_phone

Required KB Items: installed_sw/Cisco IP Phone, Settings/ParanoidReport

Patch Publication Date: 10/15/2025

Vulnerability Publication Date: 10/15/2025

Reference Information

CVE: CVE-2025-20351