Skip to main content

Cisco confirms IP phone eavesdropping flaw

posted onMarch 23, 2015
by l33tdawg

Cisco's small business SPA300 and SPA500 internet protocol (IP) phones contain a vulnerability that if exploited, allows attackers to remotely listen in on audio from the devices.

The vulnerability was discovered by Chris Watts, director of Tech Analysis in Sydney, along with two others.

Watts and Tech Analysis were tasked with finding security vulnerabilites in the Cisco Shared Port Adapter internet protocol hardware and software, and were to report any findings to the company. Three vulnerabilities were discovered in the audit, and named CVE-2015-0670, CVE-2014-3313 and CVE-2014-3312.

Source

Tags

Cisco Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th