[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Security Researcher Compromises Cisco VoIP Phones With Vulnerability
From: InfoSec News <alerts () infosecnews ! org>
Date: 2012-12-14 9:47:28
Message-ID: alpine.DEB.2.02.1212140347170.28817 () infosecnews ! org
[Download RAW message or body]
http://www.darkreading.com/threat-intelligence/167901121/security/attacks-breaches/240144378/security-researcher-compromises-cisco-voip-phones-with-vulnerability.html
By Brian Prince
Contributing Writer
Dark Reading
Dec 13, 2012
A researcher has demonstrated how Cisco Voice-over-IP (VoIP) phones can
be hijacked and turned into listening devices.
At the Amphion Forum this month, Columbia University grad student Ang
Cui demonstrated how networked printers and phones can be abused by
attackers. The forum, held in San Francisco, is produced by Mocana,
which makes security software for non-PC devices that connect to the
Internet.
"The attack I demonstrated is caused by the multiple vulnerabilities
within the syscall interface of the CNU [Cisco Native Unix] kernel," Cui
tells Dark Reading. "It is caused by the lack of input validation at the
syscall interface, which allows arbitrary modification of kernel memory
from userland, as well as arbitrary code execution within the kernel.
This, in turn, allows the attacker to become root, gain control over the
DSP [Digital Signal Processor], buttons, and LEDs on the phone. The
attack I demonstrated patches the existing kernel and DSP in order to
carry out stealthy mic exfiltration."
As part of the demonstration, Cui inserted and removed a small external
circuit board from the phone's Ethernet port -- a move he asserted could
be accomplished by someone left alone inside a corporate office for a
few seconds. He then used his own smartphone to capture every word
spoken near the VoIP phone, even though it was still "on-hook."
[...]
______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic