Cisco tackles security threat to IP phones

Cisco is trying to tackle a security threat in its voice over IP phones that allows hackers to eavesdrop on conversations.

The threat was discovered by a researcher working for Telindus, and allows hackers to remotely eavesdrop on Cisco Unified IP Phones.

Cisco has confirmed that an attacker, with valid Extension Mobility authentication credentials, could cause a Cisco Unified IP Phone configured to use the Extension Mobility feature to transmit or receive a Real-Time Transport Protocol (RTP) audio stream.

This ability can be exploited to perform a remote eavesdropping attack. All Cisco IP Phones that support the Extension Mobility feature are vulnerable, said Cisco.

To obtain Extension Mobility authentication credentials, an attacker needs physical access to the network to sniff credentials. This can be accomplished by inserting a sniffing device between an IP phone and switch port, said Cisco.

In a throwback to old-fashioned wire-tapping, Cisco said that such attacks would produce static noise on the IP phone while it was under attack.