The AudioCodes VoIP phones can be managed centrally, whereby configuration files are provided and requested by the phones at a central location. These configuration files can also be provided in encrypted form. This is intended to protect sensitive information within the configuration files from unauthorized access. Due to the use of a hardcoded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information. Firmware versions greater than or equal to 3.4.8.M4 are affected.
aa8123253e08b34d540bf926ba4a87654940b99a7e069721ef96a63db69bac95The AudioCodes VoIP phones store sensitive information, e.g. credentials and passwords, in encrypted form in their configuration files. These encrypted values can also be automatically configured, e.g. via the "One Voice Operation Center" or other central device management solutions. Due to the use of a hardcoded cryptographic key, an attacker with access to these configuration files is able to decrypt the encrypted values and retrieve sensitive information, e.g. the device root password. Firmware versions greater than or equal to 3.4.8.M4 are affected.
29414b5c1036f3966c46308f74f15451f22b582e783e487f7aa45422c6dfd70fAudioCodes VoIP Phones with firmware versions greater than or equal to 3.4.4.1000 have been found to have validation of firmware images that only consists of simple checksum checks for different firmware components.
87f14d8fb3d841332987f94e0d0b781df7d013b6b805f919c5e4b88c417fe4f0Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP (MiNet) Phones have a flow to spawn a telnet backdoor on the device with a static root password enabled. Affected versions include Rel 5.1 SP8 (5.1.0.8016) and earlier, Rel 6.0 (6.0.0.368) to 6.1 HF4 (6.1.0.165), and MiNet 1.8.0.12 and earlier.
f64facd6fb1f0b3cf63d9849292f052e8efccb8ebd488f773fe95e1a28e11171
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed