Just because you are paranoid doesnâ€™t mean your phone isnâ€™t listening to everything you sayÂ
At the 29th Chaos Communication Congress, researchers Ang Cui and Michael Catello made public a proof of concept on how critical kernel vulnerabilities in Cisco Native Unix can be exploited to transform all Cisco Unified IP Phones 7900 Series in a network into remote bugging devices.
This basically allows attackers to compromise the firmware of the Cisco IP Phone in boardrooms or on employeesâ€™ office desks to eavesdrop on private conversations. The researchers at Columbia University managed to activate the IP Phone microphone without lifting the handset, and to remotely listen to conversations.
â€œWe demonstrate practical covert surveillance using constant, stealthy exfiltration of microphone data via a number of covert channels.â€ explain the researchers behind the Hacking Cisco Phones Â project. â€œWe discuss the feasibility of our attacks given physical access, internal network access and remote access across the internet.â€ they add.
Cisco was immediately informed of the vulnerability and issued an advisory on Wednesday detailing the bug. Their advisory reads â€œAn attacker could exploit this issue by gaining local access to the device using physical access or authenticated access using SSH and executing an attacker-controlled binary that is designed to exploit the issue. Such an attack would originate from an unprivileged context.â€
Cisco used the security advisory to offer a temporary solution to customers handling vulnerable IP phones until the permanent patch scheduled for January 21st.