Title

The Enterprise Voice, Video, and Messaging Endpoint must be configured with a firmware release supported by the vendor. (Cat I impact)

Discussion

Operating a device with outdated firmware may leave the device with unmitigated security vulnerabilities. Vendors routinely update and patch firmware to address vulnerabilities. Operating with current supported firmware mitigates the vulnerabilities known by the vendor.

Check Content

Verify the firmware release installed on the Enterprise Voice, Video, and Messaging Endpoint is currently supported by the vendor. If the firmware release installed on the Enterprise Voice, Video, and Messaging Endpoint is not currently supported by the vendor, this is a finding.

Fix Text

Install a currently supported firmware release supplied by the vendor onto the Enterprise Voice, Video, and Messaging Endpoint.

Additional Identifiers

Rule ID: SV-259980r948907_rule

Vulnerability ID: V-259980

Group Title: SRG-NET-000512

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.