■■■■■ Zero-Day: Cisco discloses high-severity IP phone zero-day with exploit code: CVE-2022-20968, as the security flaw is tracked, is caused by insufficient input validation of received Cisco Discovery Protocol packets, which unauthenticated, adjacent attackers can exploit to trigger a stack overflow.
https://www.bleepingcomputer.com/news/security/cisco-discloses-high-severity-ip-phone-zero-day-with-exploit-code/
https://t.me/cKure/11998