Cisco Product Security Update Advisory (CVE-2025-20350)

Overview

 

Cisco has released security updates that address vulnerabilities in Cisco products. Users of affected products are advised to update to the latest version.
 

 

Affected Products

 

CVE-2025-20350

 

Desk Phone 9800 Series

 

Cisco SIP Software Version: 3 or later but earlier than 3.3(1)

 

IP Phone 7800 and 8800 Series

 

Cisco SIP Software Version: 14.3 or earlier
Cisco SIP Software Version: 14.3 or later and less than 14.3(1)SR2

 

IP Phone 8821

 

Cisco SIP Software version: 11 or earlier
Cisco SIP Software version: 11 or later and less than 11.0(6)SR7

 

Video Phone 8875

 

Cisco SIP Software version: 2.3(1)SR1 or earlier
Cisco SIP Software version: 3 or later but not earlier than 3.3(1)

 

 

Resolved Vulnerabilities

 

Cross Site Scripting Vulnerability in Cisco Products (CVE-2025-20350)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2025-20350

 

Desk Phone 9800 Series

 

Cisco SIP Software Version: 3.3(1)

 

IP Phone 7800 and 8800 Series

 

Cisco SIP Software Version: 14.3(1)SR2

 

IP Phone 8821

 

Cisco SIP Software Version: 11.0(6)SR7

 

Video Phone 8875

 

Cisco SIP Software version: 3.3(1)

 

 

References

 

[1] Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FP..