Cisco removed backdoor from VoIP and Jabber-controller

    image

    A couple of days ago, Cisco released a security update for Cisco Unified Communications Domain Manager, in which it removed the root SSH private SSH key.
    Yes, yes, you understood correctly - in the firmware of the VoIP controller not only the public key of the “support” account was stored, but also the private key that could be extracted from the firmware and connected to any controller with root user rights.

    There is nothing in the update note it is said about monitoring or tracking calls or messages, however, it is quite obvious that access to such data could be easily obtained as root.
    It should be noted that in some cases Cisco Unified Communications Domain Manager served Cisco Jabber as well.

    Security advisory

    Also popular now: