Guest

Preview Tool

Cisco Bug: CSCvs81456 - Cisco Proximity app attempts to pair to random unknown IP addresses

Last Modified

Apr 06, 2020

Products (1)

  • Cisco TC Console

Known Affected Releases

unspecified

Description (partial)

Symptom:
A vulnerability in the ultrasonic decoder of Cisco Intelligent Proximity could allow an unauthenticated, physical attacker to attempt to pair proximity enabled devices with unknown IP addresses.

The vulnerability is due to an excessively lenient ultrasonic decoder. An attacker could exploit this vulnerability by generating crafted ultrasonic signals within the vicinity of a proximity enabled device.  An exploit could allow an attacker, within physical range of the proximity enabled device, to attempt an HTTPS session with an IP address unknown to the victim machine.

Conditions:
Device with default configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.