Kernel Vulnerability in Cisco Phones Can Be Exploited for Covert Surveillance

The security hole has been identified by Ang Cui and Michael Costello

January 10th, 2013 15:16 GMT

At the latest edition of the Chaos Computer Club’s Chaos Communication Congress, security researchers Ang Cui and Michael Costello demonstrated how a kernel vulnerability affecting the Cisco Native Unix operating system could be leveraged by cybercriminals for all sorts of “nasty” things.

The experts showed that the security hole in the operating system installed on some Cisco Unified IP phones could be exploited by a local attacker to execute malicious code, and even to conduct covert surveillance by stealthily exfiltrating microphone data.

In an advisory released yesterday, Cisco detailed the vulnerability.

“This vulnerability is due to a failure to properly validate input passed to kernel system calls from applications running in userspace,” the advisory reads.

“An attacker could exploit this issue by gaining local access to the device using physical access or authenticated access using SSH and executing an attacker-controlled binary that is designed to exploit the issue. Such an attack would originate from an unprivileged context.”

The company has provided some temporary workarounds for administrators and estimates that a permanent fix for this flaw will be released in the week of January 21.
