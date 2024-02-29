The following link (Cisco IP Phone 6800 Series Multiplatform Phones Release Notes for Firmware Release 11.3(7)SR1 – Cisco) includes release notes for the patched firmware. Detailed in this Release Note document includes a resolved bugs table, which mentions the bug number for CVE-2023-20078, CSCwc78400. Its description provides useful information in narrowing our focus on identifying where the vulnerability may lie in the firmware: “Command injection during PRT file generation ”. The Release Notes also provide additional, detailed information outlined in the “Changes in this release” section. The “PRT (Problem Report Tool) file name restrictions” section seems to support our thought that the command injection vulnerability lies somewhere in this PRT file generation function. The sentence describing the restrictions includes a juicy detail that we’ll come back to later in this article: “This firmware does not allow the use of “.” character in PRT name either used directly or included as a part of the macro variable”. All of this information should increase our confidence even more about where this vulnerability lies: Somewhere in a function related to PRT file generation.