Danger over the phone

Researchers at Fraunhofer SIT find serious security flaws in VoIP telephones Fraunhofer SIT

The security experts at Fraunhofer SIT tested a total of 33 VoIP telephone devices from 25 different manufacturers for flaws and vulnerabilities. For this purpose, they examined the devices’ web-based user interfaces , which administrators can use to configure the phones.

Even the security experts were surprised by the results: “We didn't expect to find so many critical gaps, because these devices have been on the market for a long time and they should have been tested and secure,” explains Stephan Huber, one of the researchers involved in the study.

One type of vulnerability was so severe that the security researchers were able to gain complete administrative control over the VoIP phone. “This is a total security failure”, says scientist Philipp Roskosch, who was involved in the investigation as well.

Attackers could also use this to manipulate other devices in the same network, such as other VoIP telephones, computers or production machines. This attack was possible with seven devices. Another attack scenario was a denial of service attack that took VoIP phones out of action. This can damage the business of customer hotlines, e.g. banks or insurance companies.

The security researchers informed all the manufacturers of the VoIP telephones investigated about the vulnerabilities found; they all reacted and closed the gaps. The Fraunhofer SIT experts therefore advise all users to keep their own devices up to date and to pay attention to updates for the device firmware.

Further technical details on the VoIP telephones investigated and the gaps can be found on the Internet at www.sit.fraunhofer.de/cve 

Media Contact

Oliver Küch Fraunhofer-Institut für Sichere Informationstechnologie SIT

All latest news from the category: Information Technology

Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.

This area covers topics such as IT services, IT architectures, IT management and telecommunications.

Back to home

Comments (0)

Write a comment

Newest articles

Memory Self-Test via Smartphone

… Can Identify Early Signs of Alzheimer’s disease. Dedicated memory tests on smartphones enable the detection of “mild cognitive impairment”, a condition that may indicate Alzheimer’s disease, with high accuracy….

The Sound of the Perfect Coating

Fraunhofer IWS Transfers Laser-based Sound Analysis of Surfaces into Industrial Practice with “LAwave”. Sound waves can reveal surface properties. Parameters such as surface or coating quality of components can be…

Customized silicon chips

…from Saxony for material characterization of printed electronics. How efficient are new materials? Does changing the properties lead to better conductivity? The Fraunhofer Institute for Photonic Microsystems IPMS develops and…

Partners & Sponsors