Sweet32 Vulnerability on 8832 Phone

fdharmawan
Level 4

Hi Guys,

Recently our security team pointed out that our 7861 and 8832 IP phones are deemed vulnerable. The vulnerability detail was Sweet32 (https://sweet32.info/). The remarks said, "Disable and stop using DES, 3DES, IDEA or RC2 ciphers."

So I did a test with some of the IP phones in my deployment, by setting the 'Disable TLS Ciphers' value on each phone to option 7 (the bottom one). Well, to my surprise, the latest report said that the 7861 phones are fixed, but not the 8832.

After further checking, both phone types basically run the same software version, sip78xx.12-8-1-0001-455 for the 7861 and sip8832.12-8-1-0001-455 for the 8832. The software is quite new, released back in 2020, not really outdated. But I found out that the value of option 7 is different. On the 7861 it is 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384', while on the 8832 it is 'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256'.

Any idea on how to fix the vulnerability? Anyone experienced the same issue? Thanks.

Have you tried firmware 14.0(1)SR2 for the 8832?

Hi Nithin,

I just upgraded to version 14.0(1)SR2 today. So far the TLS version on option 7 is the same. Gonna wait for the latest security report next Monday to see the result.

Hi,

I tried to upgrade the phone to its latest OS release, but still got the vulnerability detected. Maybe Cisco has not released the patch yet for the 8832? It's kind of strange since they have released the patch for the 7861.

Vinod16
Level 1

Have you received any solution for this VA?

Regards

Vinod

Hi Vinod,

Yes, I did. Found it accidentally. In the phone settings, go to the bottom of the page. In the "Disable TLS Ciphers" section, select all the items except None. Click save, then apply config. Restart your phone to make sure none of the operations is disrupted by the changes you just performed. It solved my issue.
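
A way to confirm the result of the cipher change without waiting for the next scheduled report, as an added example that is not part of the original thread: the Python below searches scanner text for cipher suites built on the 64-bit block ciphers named in the remark (DES, 3DES, IDEA, RC2). The function names and the sample lines (shaped like the output of nmap's ssl-enum-ciphers script) are constructed for illustration, and it goes beyond the thread by accepting both IANA and OpenSSL suite naming.

```python
import re

# 64-bit block ciphers listed in the scanner remark quoted in the thread.
# CBC3 and DES40 are how OpenSSL-style and export suite names spell
# 3DES and 40-bit DES.
SWEET32_TOKENS = {"DES", "3DES", "DES40", "CBC3", "IDEA", "RC2"}

# IANA style (TLS_..._WITH_...) or OpenSSL style (ECDHE-RSA-DES-CBC3-SHA).
SUITE_RE = re.compile(
    r"\b(?:TLS|SSL)_[A-Z0-9_]+\b|\b[A-Z0-9]+(?:-[A-Z0-9]+)+\b"
)


def is_64bit_block_suite(name):
    """True if any component of the suite name is a 64-bit block cipher."""
    return any(tok in SWEET32_TOKENS for tok in re.split(r"[_-]", name.upper()))


def flag_suites(report):
    """Return affected suite names found in scanner text, in order, no repeats."""
    found = []
    for name in SUITE_RE.findall(report):
        if is_64bit_block_suite(name) and name not in found:
            found.append(name)
    return found


# Constructed sample scan output (hypothetical device, before the change).
SAMPLE_BEFORE = """\
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
"""

# Constructed sample scan output (same device, after disabling the ciphers).
SAMPLE_AFTER = """\
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
"""

if __name__ == "__main__":
    for label, text in (("before", SAMPLE_BEFORE), ("after", SAMPLE_AFTER)):
        hits = flag_suites(text)
        print(label, "->", hits if hits else "no 64-bit block cipher suites")
```

An empty result only covers the port and protocol versions that were scanned, so run the check against every TLS service the device exposes.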