What is CVE-2020-16137?

CVE-2020-16137 is a vulnerability in N/a. Published 2020-08-12.

Is CVE-2020-16137 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-16137

A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability ex…

EPSS: 0.732 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework
20142995/nuclei-templates
Fans0n-Fan/Cisco-7937G-All-In-One-Exploiter
blacklanternsecurity/Cisco-7937G-PoCs
cyb3r-w0lf/nuclei-template-collection
fkie-cad/nvd-json-data-feeds

References

packetstormsecurity.com/files/158818/Cisco-7937G-Privilege-Escalation.html (x_refsource_MISC)
www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-793… (x_refsource_MISC)
www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-ph… (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-16137?: CVE-2020-16137 is a vulnerability in N/a. Published 2020-08-12.
Is CVE-2020-16137 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.