What is CVE-2020-3574?

CVE-2020-3574 is a high-severity vulnerability in Cisco Ip Phones With Multiplatform Firmware, classified under CWE-371. CVSS score: 7.5/10. Published 2020-11-06.

How severe is CVE-2020-3574?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Cisco Ip Phones With Multiplatform Firmware

CVE-2020-3574

A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. The vulner…

EPSS: 0.032 (87.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Cisco Ip Phones With Multiplatform Firmware — versions n/a

Weakness classification (CWE)

CWE-371

References

20201104 Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2020-3574?: CVE-2020-3574 is a high-severity vulnerability in Cisco Ip Phones With Multiplatform Firmware, classified under CWE-371. CVSS score: 7.5/10. Published 2020-11-06.
How severe is CVE-2020-3574?: High severity. CVSS v3 base score is 7.5 out of 10.