A high-severity vulnerability has been identified in multiple RPS products, allowing unauthorized attackers to access sensitive information. Successful exploitation could expose critical configuration data, such as AutoP URLs, potentially enabling attackers to intercept communications or compromise VoIP devices.

The vulnerability is an information disclosure flaw resulting from improper access control. An unauthenticated remote attacker can send a specially crafted request to the affected RPS service to retrieve sensitive configuration details. This includes AutoP (Automatic Provisioning) URLs, which are used to configure VoIP devices automatically, potentially exposing provisioning server credentials, network topology, and other confidential data.

This vulnerability is rated as High severity with a CVSS score of 7.4. The exposure of AutoP URLs and other provisioning data presents a significant security risk. An attacker could use this information to conduct man-in-the-middle (MitM) attacks, redirecting devices to a malicious provisioning server to install malware, eavesdrop on calls, or gain a foothold within the corporate network. This compromises the confidentiality and integrity of the organization's communication infrastructure and could lead to data breaches or service disruption.

Immediate Action: Organizations must apply the vendor-supplied security updates to all affected RPS products immediately to patch the vulnerability. Following the update, system administrators should review access logs for any signs of unauthorized access or suspicious queries to the RPS service that may have occurred prior to patching.

Proactive Monitoring: Implement continuous monitoring of network traffic to and from the RPS service. Specifically, look for anomalous requests from unknown or untrusted IP addresses. Configure alerts for multiple failed login attempts or unusual patterns of data access that could indicate an exploitation attempt.

Compensating Controls: If immediate patching is not feasible, restrict network access to the RPS management interface. Use a firewall to limit access to only trusted IP addresses or specific administrative subnets. Implement network segmentation to isolate VoIP devices from other critical network assets, limiting the potential impact of a compromised device.

Public Exploit Available: false

Given the high-severity rating (CVSS 7.4) and the risk of compromise to critical communication infrastructure, we strongly recommend that organizations prioritize the deployment of the vendor's security patch immediately. Although this vulnerability is not currently listed on the CISA KEV catalog, its potential impact warrants urgent attention. Proactive application of the patch is the most effective measure to prevent future exploitation and protect sensitive corporate data.