Cisco – Vulnerability in Cisco IP Phone 8800 Series allow remote attacker to cause a DoS

Advisory IDRSN-SIP-1562

Vulnerability Information


A vulnerability in Session Initiation Protocol (SIP) call handling of Cisco IP Phone 8800 Series devices could allow an unauthenticated,remote attacker to cause a denial of service condition due to the SIP process unexpectedly restarting. All active phone calls are droppedas the SIP process restarts.

Release Date

2017-06-13 00:00:00


SIP (Session Initiation Protocol) is a protocol used for the initiation, modification and termination of voice and video calls through IP networks. This protocol is implemented in multiple Cisco systems products such as routers, switches and Firewalls.

Technical Information


A remote user can send specially crafted SIP packets to trigger an input validation flaw and cause the target SIP process to restart. As a result, active phone calls are dropped. The vendor has assigned bug ID CSCvc29353 to this vulnerability.



The UCTM solution from RedShift Networks provides the industry’s first complete security solution developed to secure VOIP networks, endpoints and applications. His research team is constantly looking for new attack patterns, advanced penetration testing methods, vulnerability identification and deployment of new signatures for constantly subscribed clients. For more information visit

External Resources


Cisco Security Advisory

Common Vulnerabilities and Exposures (CVE)