LASER_oneXM

Level 31
Verified
Cisco released on Wednesday security patches for vulnerabilities present in its IP Phone 7800 and 8800 series. An attacker could exploit most of the flaws remotely without being authenticated.
The company says that it has no knowledge of any of the issues being exploited in the wild.

Plenty of DoS opportunities

All the vulnerabilities affect the 8800 series, while one that enables a denial-of-service (DoS) condition on the target, CVE-2019-1716, also impacts Cisco IP Phone 7800 series.
It stems from improper validation of user input during the authentication process and could be leveraged to execute arbitrary code, too.
"An attacker could exploit this vulnerability by connecting to an affected device using HTTP and supplying malicious user credentials," the security advisory reads.

Another flaw leading to a DoS state is CVE-2019-1766, which a remote attacker could exploit by sending a crafted, remote connection request; this would allow writing a file that exhausts the available disk space.
... ... ...
 
  • Like
Reactions: Vasudev

Slyguy

Level 40
IP Phones are massive vulnerabilities.. I worked for a security firm and during an internal audit found several backdoored Digium Phones. It was hilarious, but at the same time sad as they compromised all of them through a pretty deep set of security layers.

My home has one of the safest IP Phone setups possible, but its because I designed it with a custom PBX that creates a 4096-Bit Symmetric Key over OpenVPN each time I pick up the phone. It's not getting hacked and specific other people I communicate with over similar systems they have are almost un-interceptable.

But yes.. Most IP phone systems are quite insecure and almost trivially compromised and often result in lateral movement on networks through those phones if they aren't properly segregated on vlans.
 
  • Like
Reactions: Vasudev