Cisco IP phones are susceptible to eavesdropping

            It has been shown that Cisco's 7900 Series of IP phones has a weakness in regards to the Extension Mobility. With this weak link, a hacker can easily listen in to other people's calls.

            Users use Extension Mobility to configure a Cisco IP phone as their own. Once it is enabled, it is unable to encrypt signalling communications that occurs between a device and an internal web server. It creates a lot of security problems because hackers can now have access to authentication credentials which they can now use to cut off users and also listen in to streaming media connections that has to do with calls. Though this looks very concrete, it is only possible if the hacker has a valid Extension Mobility authentication credentials and also have access to the targeted network.

            Internal attacks might actually pose a greater threat. An indication that the attack went through is the presence of noise on the wire. There will also be static noise on the phone while the attack is on. Thanks to the researcher, Joffrey Czarney of Telindus who discovered this problem, it wouldn't have been known. He presented a paper on this research at the Hack.Lu 2007 security conference, held in Luxemboug last month.