Avaya 4602SW SIP Phone accepts SIP requests from random source IP address
Overview

The Avaya 4602SW IP Phone accepts SIP requests from a random source IP address, allowing an attacker to send malicious messages directly to the phone.

Impact

An attacker can bypass the security mechanisms implemented at the server by sending malicious messages directly to the phone.

Description

The Avaya 4602SW can be used as a SIP-based IP phone in conjunction with a SIP call server. After successfully registering with the SIP registrar, the phone is ready to make and receive calls. As a best practice, a SIP endpoint should accept SIP requests only from a configured SIP server. However, the 4602SW IP phone accepts SIP INVITE requests from a random source IP address. This may allow an attacker to send malicious messages directly to the phone, bypassing any security mechanisms that may be in place at the server.

Solution

Phone SIP stack implementations should be patched to accept SIP requests only from the configured server. Alternatively, separate voice and data VLANs can be used with a firewall at the crossover point.

For more information on any of these threat advisories, please email Sipera VIPER Lab at viper@sipera.com.
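
Until phones are patched, traffic seen on the voice VLAN can be checked for the condition this advisory describes. The following is an added example, not code from Sipera or Avaya: it flags SIP requests addressed to a phone whose source is not a configured SIP server. The server address, the voice VLAN range and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed values for illustration: the configured SIP servers and the voice VLAN.
CONFIGURED_SIP_SERVERS = {ipaddress.ip_address("10.10.0.5")}
VOICE_VLAN = ipaddress.ip_network("10.20.0.0/24")

# RFC 3261 request line: Method SP Request-URI SP SIP-Version
REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) SIP/2\.0$")


def sip_method(payload: bytes):
    """Return the method of a SIP request, or None for responses and non-SIP data."""
    first_line = payload.split(b"\r\n", 1)[0].decode("ascii", errors="replace")
    match = REQUEST_LINE.match(first_line)
    return match.group(1) if match else None


def unexpected_requests(packets):
    """Return (src, dst, method) for SIP requests sent to a phone by a non-server source."""
    findings = []
    for src, dst, payload in packets:
        if ipaddress.ip_address(dst) not in VOICE_VLAN:
            continue  # not addressed to a phone
        method = sip_method(payload)
        if method is None:
            continue  # a response (starts with "SIP/2.0") or not SIP at all
        if ipaddress.ip_address(src) not in CONFIGURED_SIP_SERVERS:
            findings.append((src, dst, method))
    return findings


# Constructed sample traffic (not captured from a real network).
SAMPLE_PACKETS = [
    ("10.10.0.5", "10.20.0.17", b"INVITE sip:2001@10.20.0.17 SIP/2.0\r\nVia: SIP/2.0/UDP 10.10.0.5\r\n\r\n"),
    ("10.30.4.9", "10.20.0.17", b"INVITE sip:2001@10.20.0.17 SIP/2.0\r\nVia: SIP/2.0/UDP 10.30.4.9\r\n\r\n"),
    ("10.30.4.9", "10.20.0.17", b"SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP 10.20.0.17\r\n\r\n"),
    ("10.30.4.9", "10.10.0.5", b"REGISTER sip:10.10.0.5 SIP/2.0\r\n\r\n"),
    ("10.20.0.23", "10.20.0.17", b"OPTIONS sip:2001@10.20.0.17 SIP/2.0\r\n\r\n"),
]

if __name__ == "__main__":
    for src, dst, method in unexpected_requests(SAMPLE_PACKETS):
        print(f"{method} to phone {dst} from unconfigured source {src}")
```

Requests from one phone directly to another are flagged as well, since a phone should take requests only from its configured server.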