Cisco IP Phones Confirmed Vulnerable To Remote Eavesdropping, Nearly 2,000 Vulnerable Devices Found Online

Cisco has confirmed that the SPA300 and SPA500 small business Voice over Internet Protocol (VoIP) phones have a vulnerability that could allow for remote eavesdropping.  Cisco used a third party company called Tech Analysis in Sydney, Australia to search for security vulnerabilities in their products and found the remote eavesdropping vulnerability.  The vulnerability is the traced to the authentication used in the default firmware version 7.5.5.  According to the reports an attacker can send a request to the device that would result in the attacker being able to stream audio or place calls remotely.

According to Cisco to successfully exploit this vulnerability an attacker would have to be on the same network as the device so there is no concern for internet based attacks.  This means any hostile actor would have to either have access already (insider threat) or pivot from a compromised system inside the network.  Cisco currently has assessed this as a low grade “harassment” severity and has not software updates to fix the vulnerability.

However, Protocol46 has found nearly 2,000 SPA300 and SPA500 devices indexed in the Shodan search engine putting several organizations at risk.

Nearly 2,000 devices are searchable and indexed in the Shodan Search Engine.

Nearly 2,000 devices are searchable and indexed in the Shodan Search Engine.

 

The main CVE for this vulnerability.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0670

Post by Remote Process