Vulnerability Discovered in Cisco IP Phones

News, Security, Software

ADarkMatter company known as xen1thLabs, responsible for conducting vulnerability studies, has discovered and revealed a zero-day vulnerability in Cisco IP phones (7800 and 8800 series).

Both the hackers and malicious cyber artistes could have easily abused this weakness to compromise and penetrate the computer networks. A patch, however, is now available, many thanks to the efforts of Cisco Product Security Incident Response Team (PSIRT) as well as the xen1thLabs.

Rocco Calvi, who is the Director Software Labs, xen1thLabs, stated: “Through these security flaws, hackers could have gained control of device functionality such as microphone, web camera and voice mail. They could also have propagated malware on the network.”

“We are constantly working to identify similar vulnerabilities across digital systems that are currently in operation. We have a vital role to play here in the Middle East where we provide state-of-the-art testing to identify security flaws to help safeguard systems from threats.”

xen1thLabs has also formerly observed evidence of hackers making use of software weaknesses to accomplish extraction of Bitcoins or utilizing cloud computing to promote their illegal activities. Risk actors, inclusive of those belonging to nation states, are more than capable of performing wide-scale Distributed Denial of Service (DDoS) against their selected target, which could be government agencies or significant infrastructure services.

In this specific case, xen1thLabs discovered that susceptible IP phones were being utilized in most of the enterprises throughout the extensive business community around the globe, possibly having an effect on millions of these widespread devices.

The efforts of this UAE-based, devoted test and authentication Lab, recognizes and reports zero-days to guard the users. Our world-renowned researchers have distinctive skills that specialize in vulnerability detection. They work alongside vendors to find solutions that protect everyday users from the novel and imminent cyber threats.