Cisco vulnerability could allow attackers to eavesdrop on private conversations

A vulnerability in Cisco’s SPA300 and SPA500 IP phones could allow hackers to eavesdrop on private conversations from anywhere in the world, reports The Register.

The flaw, which has been confirmed by the company, is said to be the result of incorrect authentication settings in phones running version 7.5.5 of its firmware. If exploited, the vulnerability, could allow attackers to listen to calls, make calls remotely and even turn on the phone’s microphone to eavesdrop on the area around the device.

In a statement on its website, Cisco explained: “The vulnerability is due to improper authentication settings in the default configuration. An attacker could exploit this vulnerability by sending a crafted XML request to the affected device. An exploit could allow the attacker to listen to a remote audio stream or make phone calls remotely.”

According to IT News, the company is working on a patch to fix the issue, but in the meantime customers are advised to take other precautions. Administrators of the affected phones should enable XML Execution authentication to ensure only trusted users can gain access, while firewalls and IP-based access control lists can also be used to keep systems safe.

The flaw was first noticed by Chris Watts, director of Tech Analysis in Sydney, who also found two other vulnerabilities in Cisco’s systems. It’s the Firmware flaw, though, that he agues could have there most serious implications, leaving businesses open to being snooped on by their competitors.

Cisco gave the vulnerability a low “harassment” severity rating and said it was unlikely to be exploited, but customers are advised to take additional safeguards until a patch arrives.

Photo: Ken Wolter /

Author , ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.