The Cisco 7920 Wireless IP Phone provides Voice Over IP service via
IEEE 802.11b Wi-Fi networks and has a form-factor similar to a cordless phone.
This product contains two vulnerabilities:
The first vulnerability is an SNMP service with fixed community strings
that allow remote users to read, write, and erase the configuration of an
The second vulnerability is an open VxWorks Remote Debugger on UDP port
17185 that may allow an unauthenticated remote user to access debugging
information or cause a denial of service.
Cisco has made free software available to address these vulnerabilities
for affected customers. There are workarounds available to mitigate the effects
of the vulnerability.
This advisory is posted at