Cisco IP phones may be exploited to eavesdrop

As if Cisco needs any more negative publicity in light of the company’s recent developments: reorganizing its consumer business, killing off Flip, missed earnings, layoff projections, and CEO John Chambers in the hot seat.

Now security researchers have demonstrated how easy it is to attack Cisco IP phones out of the box to intercept calls or cause service disruptions via distributed denial-of-service (DDoS) methods. The vulnerability lies in the phone’s web service capabilities — a feature that Cisco recommends disabling in the user manual.

But who reads the manual in the real world, right? IT or telecom administrators usually just open the box, take the phone out, and plug it into an Ethernet port. Done. That’s the beauty of the IP phone, as they’d say.

These IP phones are more prevalent in businesses now, in the office and even in the contact center where personal and often private data are handled. Such a security weakness in the phone should be taken seriously as there could be severe legal repercussions with leaked private information, or worse yet, finding out one day that all the phones in the company are out of service.

The best practice should be to harden these IP phones just as you would a PC workstation. Steps such as disabling unneeded services (the web service above included) and configuring the firewall should not be overlooked.
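To make that hardening advice actionable, here is an added audit script (not code from this post, from Cisco, or from the researchers) that walks a phone inventory and reports which handsets still answer on their web-service ports. The inventory format, the phone names and addresses, and the choice of ports 80 and 443 are all assumptions; the probe function is injectable so the logic can be checked without touching a network.

```python
"""Audit an inventory of IP phones for ones that still answer on their
web-service ports, the feature the post says Cisco recommends disabling.

Added example for this post, not code from Cisco or the researchers.
Assumptions: phones are reachable from the auditing host, the inventory
is a name -> IP mapping, and the phone web service listens on 80/443.
"""
import socket
from typing import Callable, Dict, Iterable, List, Tuple

# Constructed sample inventory (hostnames and addresses are made up).
SAMPLE_INVENTORY: Dict[str, str] = {
    "SEP000000000001": "10.10.20.11",
    "SEP000000000002": "10.10.20.12",
    "SEP000000000003": "10.10.20.13",
}

# Ports the phone's built-in web server is assumed to listen on.
WEB_PORTS: Tuple[int, ...] = (80, 443)


def tcp_probe(host: str, port: int, timeout: float = 1.0) -> bool:
    """Return True if a TCP connection to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def audit_web_service(
    inventory: Dict[str, str],
    probe: Callable[[str, int], bool] = tcp_probe,
    ports: Iterable[int] = WEB_PORTS,
) -> Dict[str, List[int]]:
    """Return {phone_name: [open web ports]} for phones that still answer.

    `probe` is injectable so the logic can be exercised offline.
    Phones with no open web port are omitted from the result.
    """
    ports = tuple(ports)  # materialise so an iterator is not consumed once
    findings: Dict[str, List[int]] = {}
    for name, ip in sorted(inventory.items()):
        open_ports = [p for p in ports if probe(ip, p)]
        if open_ports:
            findings[name] = open_ports
    return findings


def format_report(findings: Dict[str, List[int]], total: int) -> str:
    """Render findings as one line per exposed phone plus a summary line."""
    lines = [
        f"{name} ({', '.join(str(p) for p in open_ports)} open)"
        for name, open_ports in findings.items()
    ]
    lines.append(f"{len(findings)} of {total} phones still expose the web service")
    return "\n".join(lines)


if __name__ == "__main__":
    # Real run: probes the sample addresses over the network.
    result = audit_web_service(SAMPLE_INVENTORY)
    print(format_report(result, len(SAMPLE_INVENTORY)))
```

Run it against your own inventory after pushing the "disable web access" setting from the call manager; any phone that still shows up has not picked up the new configuration, or was never registered to it in the first place.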


2 thoughts on “Cisco IP phones may be exploited to eavesdrop”

  1. Cisco is not aware of any vulnerabilities that allow the unauthorized use of Cisco IP phones as listening devices. The company maintains a very open relationship with the security community and we view this as vital to helping protect our customers’ networks. We have spoken with both the conference organizers and presenters ahead of the upcoming AusCERT 2011 tutorial on VoIP Security Testing. They have confirmed that no new security vulnerabilities will be revealed. We understand their presentation will reference the importance of securing IP phones in line with the manufacturer’s installation and configuration recommendations. We support this message and recommend it as a best practice for our customers.

