[VoiceOps] New SPA2100/2102/1001 exploit in the wild?
ryandelgrosso at gmail.com
Fri Oct 18 20:33:04 EDT 2013
So just some additional information on this since i know a few others
were seeing security issues with these devices.
I have recently discovered that cisco recently terminated the last 40
engineers responsible for maintaining the SPA codebase (SPA ATAs and IP
phones and the new SPA112/122). This was done to free up the budget to
build a replacement product that will work more closely with their
hosted call manager product and less with 3rd party sip which isnt due
for several years.
They will of course continue to sell the SPA products but you may have
issues if you need anything custom done or need factory provisioning.
I found the timing of these events slightly curious as well.
Take this for what you will and if anyone out there has more information
please feel fre to chime in.
On 10/14/2013 04:08 PM, Ryan Delgrosso wrote:
> Hey all,
> I am seeing my fraud-o-meter tick up as of yesterday and it all seems
> to be driven by accounts attached to these devices. We have taken
> measures to start locking this down but I am wondering if anyone out
> there is seeing similar.
> It looks like somehow legacy devices that have been deployed for 5+
> years are having accounts lifted out of them.
> Does anyone have info on this exploit, or if you are seeing this as
> well and want to compare notes feel free to ping me.
> VoiceOps mailing list
> VoiceOps at voiceops.org
More information about the VoiceOps