Get Technabob in Your Mailbox Every Day! Join our Mailing List!
subscribe to our rss feedsubscribe via e-mailfollow technabob on twittertechnabob facebook fan pageGoogle+follow us in feedly
Follow Us:

Security Flaw Allows Hackers to Take over Cisco IP Phones


If you work in an office that uses the popular CiscoUnified IP Phone 7900 Series, prepare to feel violated. A couple of security researchers have published details on a security vulnerability that allows a nefarious hacker to turn the phones into eavesdropping devices. The hack allows people to listen in on private phone calls as well as to nearby conversations.


The hack is executed with a small piece of hardware plugged into the local serial port of the Cisco phone. Once the device is connected to the phone, the hacker is able to execute code allowing them to remotely monitor phone calls and turn on the phone’s speaker allowing them listen in on conversations. Cisco has confirmed this vulnerability and has promised a fix.

Cisco has already offered a temporary software patch that blocks the hack from being executed over a network. Cisco also promises a patch to plug the hole when the hacking device is connected directly to the phone. Ultimately, Cisco promises to completely rewrite the base firmware eliminating the possibility of his hack being used. But in the mean time, if your company uses these phones, you might want to watch what you say in front of your phone – or just unplug it from the phone jack.

[via Ars Technica]

Post a Comment:

Want a personal avatar on your comments? Sign up for a free Gravatar now!

Note: All comments with links in them will be held for moderation in order to prevent spam, so you may not see your post appear immediately.

More from Awesomer Media...