Cisco Desk & IP Phones 7800/8800/9800 DoS via Web UI Buffer Overflow
CVE-2025-20350 Published on October 15, 2025
Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability
A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.
This vulnerability is due to a buffer overflow when an affected device processes HTTP packets. An attacker could exploit this vulnerability by sending crafted HTTP input to the device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Note: To exploit this vulnerability, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default.
Vulnerability Analysis
CVE-2025-20350 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
What is a Stack Overflow Vulnerability?
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
CVE-2025-20350 has been classified to as a Stack Overflow vulnerability or weakness.
Products Associated with CVE-2025-20350
Want to know whenever a new CVE is published for Cisco Sip? stack.watch will email you.
Affected Versions
Cisco Session Initiation Protocol (SIP) Software:- Version 12.1(1)SR1 is affected.
- Version 11.5(1) is affected.
- Version 10.3(2) is affected.
- Version 10.2(2) is affected.
- Version 10.3(1) is affected.
- Version 10.3(1)SR4 is affected.
- Version 11.0(1) is affected.
- Version 10.4(1)SR2 3rd Party is affected.
- Version 11.7(1) is affected.
- Version 12.1(1) is affected.
- Version 11.0(0.7) MPP is affected.
- Version 9.3(4) 3rd Party is affected.
- Version 12.5(1)SR2 is affected.
- Version 10.2(1)SR1 is affected.
- Version 9.3(4)SR3 3rd Party is affected.
- Version 10.2(1) is affected.
- Version 12.5(1) is affected.
- Version 10.3(1)SR2 is affected.
- Version 11-0-1MSR1-1 is affected.
- Version 10.4(1) 3rd Party is affected.
- Version 12.5(1)SR1 is affected.
- Version 11.5(1)SR1 is affected.
- Version 10.1(1)SR2 is affected.
- Version 12.0(1)SR2 is affected.
- Version 12.6(1) is affected.
- Version 10.3(1.11) 3rd Party is affected.
- Version 12.0(1) is affected.
- Version 12.0(1)SR1 is affected.
- Version 9.3(3) is affected.
- Version 12.5(1)SR3 is affected.
- Version 10.3(1)SR4b is affected.
- Version 9.3(4)SR1 3rd Party is affected.
- Version 10.3(1)SR5 is affected.
- Version 10.1(1.9) is affected.
- Version 10.3(1.9) 3rd Party is affected.
- Version 9.3(4)SR2 3rd Party is affected.
- Version 10.3(1)SR1 is affected.
- Version 10.3(1)SR3 is affected.
- Version 10.1(1)SR1 is affected.
- Version 12.0(1)SR3 is affected.
- Version 12.6(1)SR1 is affected.
- Version 12.7(1) is affected.
- Version 10.3(1)SR6 is affected.
- Version 12.8(1) is affected.
- Version 12.7(1)SR1 is affected.
- Version 11.0(2)SR1 is affected.
- Version 11.0(4) is affected.
- Version 11.0(2) is affected.
- Version 11.0(4)SR3 is affected.
- Version 11.0(5) is affected.
- Version 11.0(3)SR2 is affected.
- Version 11.0(3)SR4 is affected.
- Version 11.0(3)SR3 is affected.
- Version 11.0(2)SR2 is affected.
- Version 11.0(4)SR1 is affected.
- Version 11.0(5)SR3 is affected.
- Version 11.0(3) is affected.
- Version 11.0(5)SR2 is affected.
- Version 11.0(3)SR6 is affected.
- Version 11.0(5)SR1 is affected.
- Version 11.0(4)SR2 is affected.
- Version 11.0(3)SR1 is affected.
- Version 11.0(3)SR5 is affected.
- Version 11.0(6) is affected.
- Version 12.8(1)SR1 is affected.
- Version 12.8(1)SR2 is affected.
- Version 14.0(1) is affected.
- Version 14.0(1)SR1 is affected.
- Version 11.0(6)SR1 is affected.
- Version 10.3(1)SR7 is affected.
- Version 14.0(1)SR2 is affected.
- Version 14.1(1) is affected.
- Version 14.0(1)SR3 is affected.
- Version 11.0(6)SR2 is affected.
- Version 14.1(1)SR1 is affected.
- Version 14.1(1)SR2 is affected.
- Version 11.0(6)SR4 is affected.
- Version 14.2(1) is affected.
- Version 14.2(1)SR1 is affected.
- Version 11.0(6)SR5 is affected.
- Version 14.1(1)SR3 is affected.
- Version 14.2(1)SR2 is affected.
- Version 3.1(1) is affected.
- Version 3.0(1) is affected.
- Version 2.3(1) is affected.
- Version 2.3(1)SR1 is affected.
- Version 2.2(1) is affected.
- Version 2.1(1) is affected.
- Version 2.0(1) is affected.
- Version 14.2(1)SR3 is affected.
- Version 3.1(1)SR1 is affected.
- Version 14.3(1) is affected.
- Version 3.2(1) is affected.
- Version 14.3(1)SR1 is affected.
- Version 14.2(1)SR4 is affected.
- Version 11.0(6)SR6 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.