Information security specialists at IT secure firm Tenable Research report the discovery of 19 vulnerabilities in Cisco SPA100 Series Voice over Internet Protocol (VoIP) adapters. The vulnerabilities were apparently found while a home VoIP service was being configured.
If exploited, these vulnerabilities would allow a threat actor to listen for conversations that users hold through this communication protocol. A hacker with the required knowledge could even make calls and use this vulnerability as a network access point.
Andrew Orr and Alex Weber, information security specialists, purchased Cisco SPA112 and SPA122 analog phone adapters (ATAs), capable of connecting a landline to a VoIP network. After installing them, the experts decided to test the security of these devices, as they have a large attack surface.
After the scans, experts found a total of 19 exploitable vulnerabilities, which would allow a malicious hacker to take control of these devices and their web interface, just like the underlying operating system.
“The consequences of exploiting these vulnerabilities include credential theft, creation of super-users with full privileges, and arbitrary code execution,” computer security experts mentioned through their blog.
Researchers also demonstrated being able to run a privilege escalation on VoIP adapters: “We take a user with limited privileges, filter the hash of the administrator user’s password, and then dodge hashing for elevate our privileges,” they state in their report.
Prior to publishing their findings, the experts reported in a timely manner the vulnerabilities found to Cisco, which developed a new version of Firmware 1.4.1 SR5 for its SPA100 series devices.
By scanning the Internet using the Shodan tool, experts discovered at least 3,600 devices potentially exposed to exploiting these security flaws, so the potential scope of these drawbacks is considerable.
Information security experts inform the International Institute of Cyber Security (IICS) recommend that users of these devices install the latest firmware version as soon as possible.