Cisco Desk Phone 8875 Series FIPS 140-3 Compliance Letter

Date: July 31, 2025

To Whom It May Concern,

A compliance review of Cisco Desk Phone 8875 series with PhoneOS version 3.5 (the product) was completed and found that the Product integrates the following FIPS 140-3 approved cryptographic module:

Cisco FIPS Object Module 7.3a (FIPS 140-3 Cert. #4747)
https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4747

Cisco confirms that the cryptographic module listed above provides cryptographic services for the following as applicable:

Image Authentication, Secure Storage, Config File Enc, TLS (HTTPs, PRT Upload, Upgrade, Profile resync, Onboard Service, Webex onboarding, SIP-TLS, 802.1x (Wired)), SIP Digest, SRTP, and SSHD

The review/testing confirmed that:

The cryptographic module (mentioned above) does initialize in a manner that is compliant with its Security Policy.
All applicable cryptographic algorithms used for session establishment are handled within the cryptographic module.
All applicable underlying cryptographic algorithms support each service's key derivation function.

This letter has been generated in accordance with guidance provided by the Cryptographic Module Validation Program (CMVP) (https://csrc.nist.gov/Projects/cryptographic-module-validation-program/validated-modules).

In general, a letter will not be generated for subsequent software releases unless a change has been made to the cryptographic module(s) noted in this letter.

The CMVP has not independently reviewed this analysis, testing or the results.

Any questions regarding these statements may be directed via e-mail to the Cisco Global Certification Team (GCT) at certteam@cisco.com.

	Cisco Desk Phone 9800 Series FIPS 140-3 Compliance Letter Official compliance letter confirming the Cisco Desk Phone 9800 series with PhoneOS 3.5 meets FIPS 140-3 standards, referencing Cisco FIPS Object Module 7.3a.
	Cisco Catalyst SD-WAN FIPS 140-3 Compliance Review Compliance review letter for Cisco Catalyst SD-WAN (version 20.15) confirming its FIPS 140-3 validated cryptographic module and supported cryptographic services.
	Cisco Instant Message and Presence (IM&P) v15 SU3 FIPS 140-3 Compliance Letter Official conformance review letter for Cisco Instant Message and Presence (IM&P) version 15 SU3, confirming integration of FIPS 140-3 approved cryptographic modules and their compliance with security policies for TLS services.
	Cisco Secure Web Appliance AsyncOS 15.5 FIPS 140-3 Compliance Review Compliance review letter confirming Cisco Secure Web Appliance (SWA) running AsyncOS 15.5 meets FIPS 140-3 validation standards for its cryptographic module, supporting TLS v1.2 and SSHv2.
	Cisco Unified Communications Manager 15 SU3 FIPS 140-3 Compliance Letter This letter confirms that Cisco Unified Communications Manager version 15 SU3 integrates FIPS 140-3 approved cryptographic modules, detailing the services they support and the validation process.
	Cisco Thousand Eyes FIPS 140-3 Cryptographic Module Compliance Letter Official compliance letter from Cisco confirming that Cisco Thousand Eyes version 2.3 with PhoneOS version 3.5 integrates a FIPS 140-3 approved cryptographic module, detailing its validation and security compliance for TLS.
	Cisco Enterprise NFV Infrastructure v4.18 FIPS 140-3 Compliance Letter This document confirms the FIPS 140-3 compliance of Cisco Enterprise NFV Infrastructure Version 4.18, detailing its validated cryptographic module and supported security services.
	Cisco Emergency Responder 15 SU3 FIPS 140-3 Compliance Letter Compliance review letter for Cisco Emergency Responder version 15 SU3, confirming its integration with FIPS 140-3 approved cryptographic modules and detailing supported cryptographic services.

Related Documents