Cisco VoIP adapters have critical security flaws

(Image credit: Shutterstock)

While setting up a VoIP service in their home, security researchers at Tenable Research discovered a total of 19 vulnerabilities in VoIP adapters from Cisco's SPA100 Series.

If exploited, these vulnerabilities could allow an attacker to eavesdrop on a user's conversations, initiate fraudulent phone calls and even pivot further into their internal network.

Security researchers Andrew Orr and Alex Weber purchased Cisco's SPA112 and SPA122 Analog Telephone Adapters (ATA) which connect a landline phone to a VoIP network. However, the two became curious about the security of these devices which have a large attack surface and began to run tests to see if any vulnerabilities were present in their recently purchased hardware.

Upon further inspection, they found that leveraging the flaws they found in Cisco's devices would allow a cybercriminal to completely compromise the web interface of the adapters as well as the underlying operating system.

Cisco VoIP adapters

According to a blog post published by the security researchers, the flaws they discovered would enable an attacker to steal credentials, create superusers with full privileges and execute arbitrary code. They also explained how they were able to achieve privilege escalation on Cisco's VoIP adapters, saying:

“We were able to take the lower-privilege “cisco” user, leak the “admin” user’s password hash and then “pass-the-hash” to elevate our privileges. Separately, we were able to use an arbitrary file read to defeat ASLR, and then exploit a stack overflow to achieve code execution as root.”

Tenable Research informed Cisco PSIRT of the 19 vulnerabilities they discovered across seven Cisco security advisories and the networking giant has since addressed these flaws with a new 1.4.1 SR5 firmware release for their SPA 100 series devices.

By using Shodan, the security researchers were able to identify a total of 3,662 potentially vulnerable devices so if you're using a Cisco SPA 100 series VoIP adapter, it is highly recommended that you update to the latest firmware before these flaws are exploited in the wild.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Phone & Communications
GlocalMe KeyTracker
When I tested this global tracker, it trounced the Apple AirTag in so many ways
Privacy Hero II
Privacy Hero II VPN Router
ThinkPhone 25 by Motorola
I reviewed the ThinkPhone 25 by Motorola and while it's not as fast as its predecessor, it's the superior phone in so many ways
FRITZ!Box 7690 WiFi 7 Router
FRITZ!Box 7690 router review
Ulefone Armor Pad 4 Ultra Thermal
Ulefone Armor Pad 4 Ultra Thermal rugged tablet review
Unihertz Tank Pad 8849
Unihertz Tank Pad 8849 rugged tablet review
Latest in News
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC
Oura Ring 4
Activity tracking on Oura Ring is about to get a whole lot better, but I've got bad news about your step count
Google Pixel Buds Pro 2
Cleaned your Pixel Buds Pro 2 recently? If not, you might be getting worse sound