Hack Alert – Your Cisco Phones may be Vulnerable to Bugging and Eavesdropping!

Posted on Feb 1, 2013 in Jeff Nolte's Blog

Cisco has warned that its Cisco Unified IP Phone 7900 series may be vulnerable to hacks that can turn them into remote bugging devices, allowing for all sorts of mischief.

With a device that connects to a phone’s serial port, an attack code can be injected that gives a remote hacker control over the device, allowing calls to be monitored and the phone’s microphone to be turned on – all without anyone in the room knowing about it.

Read more of CRN’s coverage here

Cisco’s warning came in response to a demonstration by security experts of how people with physical access to the phone could execute malicious code that would allow for eavesdropping.

Cisco confirmed that the vulnerability can be exploited remotely across a corporate network, and has acknowledged plans to remedy the problem by releasing a software patch to plug the security hole.

Ongoing security measures should be part of your organization’s business continuity and disaster recovery plans. To make sure your voice and data networks are protected, contact us today at: (800) 787-4848 or email jnolte@chesapeaketelephone.com.