Does your company use Cisco IP Phones? Well Cisco has issued a warning to all clients about several vulnerabilities in certain models of their phones.
Cisco has stated the Cisco SPA 300 and 500 Series IP phones can allow unauthenticated remote attacker to listen to the audio stream of an IP phone.
Cisco has confirmed the vulnerability is a real threat and they are working on a new firmware version to fix the threat.
According to Cisco, this vulnerability is due to improper authentication settings in the default configuration. Cyber criminals exploit this vulnerability by sending a crafted XML request to the Cisco SPA 300 or 500 Series IP phones. Once executed, this exploit can allow the cyber criminals to listen to a remote audio stream or make phone calls remotely.
The vulnerability exists in version 7.5.5 of the firmware for the Cisco Small Business SPA 300 and SPA500 IP phones. There currently is no fix for this threat however Cisco is actively working on it.
Cisco has stated that to exploit this vulnerability, a cybercriminal “may” need access to the trusted internal network behind a firewall in order to send crafted XML requests however if your IP phones are not behind a firewall, your exposure has gone up significantly.
As with most threats, this threat has allowed the discovery of another threat which enables an XSS attack on Cisco IP phones. The vulnerability in the web user interface of the Cisco Small Business SPA300 and SPA500 Series IP Phones could allow a remote attacker to execute a cross-site scripting (XSS) attack.
Is your network secure? We offer our Complimentary Network and Security Assessment.