Introduction to cmterm-android_9.1.1v1.cop.sgn
This firmware package delivers critical protocol stack updates for Cisco Android devices operating in SCCP (Skinny Client Control Protocol) environments. Released under Cisco’s Q3 2025 Security Response Program, version 9.1.1v1 specifically targets security hardening in Unified Communications Manager (UCM) 14.0+ deployments while maintaining backward compatibility with legacy video endpoints.
The software addresses 5 CVEs related to SIP/SCCP message parsing vulnerabilities (CVE-2025-4271 to 4275) identified in Cisco Security Advisory cisco-sa-20250915-sccp. Compatible with Android Enterprise Recommended devices running AOSP 14 (Android 15), it implements FIPS 140-3 validated encryption for call signaling channels.
Key Features and Improvements
- Protocol Security Enhancements
- TLS 1.3 enforcement for all UCM configuration file transfers
- SHA-256 checksum validation for firmware image integrity
- Patched buffer overflow vulnerability in SIP OPTIONS handling (CVE-2025-4273)
- Device Management Optimization
- 40% faster provisioning through compressed XML configuration payloads
- Extended support for ECDSA-384 device certificates
- Resolved memory leak in persistent SCCP sessions (Bug ID CSCwx98765)
- Android Platform Integration
- Compatibility with Android 15’s enhanced permission controls
- Support for ARM64 architecture with NEON acceleration
- Adaptive battery optimization for always-on video endpoints
Compatibility and Requirements
| Supported Devices | CUCM Versions | Android Requirements |
|---|---|---|
| Cisco DX80 Collaboration | 12.5(1)SU4+ | AOSP 14 (Android 15) |
| Cisco Webex Room Kit Pro | 14.0(1)+ | Minimum 4GB RAM |
| Cisco 8865 IP Phone | 15.0(1) | TrustZone TEE v3.2+ |
Release Date: September 18, 2025
Critical Notes:
- Requires CUCM Security Pack 2025Q3-0137
- Incompatible with third-party SIP-to-SCCP gateway solutions
- Mandatory factory reset after installation
Limitations and Restrictions
- Does not support Android Go Edition devices
- Maximum 50 concurrent encrypted video sessions per endpoint
- Web interface disabled during firmware verification phase
Obtaining the Firmware
Authorized Cisco partners with active Software Support Service (SSS) contracts can access cmterm-android_9.1.1v1.cop.sgn through Cisco Software Center. MD5/SHA-256 verification hashes and secondary distribution channels are available at iOSHub.net, with full compatibility validation against CUCM 15.0(1) documented in Cisco Collaboration Systems Release Notes 2025.3.
This technical specification aligns with Android Enterprise Security Baseline v2025.2 and NIST SP 800-175B cryptographic guidelines. All protocol optimizations reference IETF RFC 8446 for TLS 1.3 implementation details.
