Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Cisco Video Conferencing System Equipment Open to Compromise PDF Print E-mail
Written by Editor   
Wednesday, 02 February 2005 23:33
A whole range of Cisco Video Conferencing equipment is open to compromise due to hard coded Simple Network Management Protocol (SNMP) community strings. The issue affects Cisco IP/VC Videoconferencing System models in the 3510, 3520, 3525 and 3530 ranges. The following models are know to be affected:
  • Cisco IPVC-3510-MCU
  • Cisco IPVC-3520-GW-2B
  • Cisco IPVC-3520-GW-4B
  • Cisco IPVC-3520-GW-2V
  • Cisco IPVC-3520-GW-4V
  • Cisco IPVC-3520-GW-2B2V
  • Cisco IPVC-3525-GW-1P
  • Cisco IPVC-3530-VTA
Models from the remaining Cisco IP/VC ranges are not vulnerable. The affected models have hard coded SNMP community strings, which if know by an attacker with access to the device will allow them to take full control of the device.

At this time it is understood that Cisco will not be releasing any patches for this issue, however they have suggested a series of measures that can be taken to mitigate the risk, which can be found here in their advisory.

Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 14 September 2006 23:17 )