Sign in / up

back to article CREEPS rejoice: Small biz Cisco phones open to eavesdrop 0-day

Creeps can listen in to conversations placed over vulnerable Cisco small business phones. Remote eavesdropping requires a crafted XML request be sent to the Borg's SPA 300 and 500 IP phones. Cisco warns version 7.5.5 of the software powering the phones is vulnerable, possibly along with more recent iterations. "An …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. John H Woods Silver badge

    Many of the attacks are possible due to the heavy feature set the devices contain poor quality design, implementation and testing.

    2 0 Reply
    1. J__M__M
      Reply Icon

      "Many of the attacks are possible due to the heavy feature set the devices contain poor quality design, implementation and testing."

      You say that like it makes any difference whatsoever.

      1 0 Reply
  2. Anon5000

    Love the story graphic, as listening with 3 eyes is better than 2 ears!

    What was the vulnerable device story about again? Got distracted...by the big shiney picture at the top of the last site on the internet not to use HTTPs for their login.

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like