New Blog: Phwning the boardroom: hacking an Android conference phone
Our most recent public research project looked at something that's common to many offices, but might be overlooked from a security perspective: a conference phone.
We managed to gain root access and take full control of a Mitel MiVoice Conference/Video Phone (also known as the Mitel UC360), which could allow an attacker to listen into meetings without alerting the room’s occupants, disable the mute button so that private discussions could be heard by everyone on a call and maintaining a remote backdoor into the network environment.
"Conference phones are ubiquitous in modern offices, and often found in less secure areas such as meeting rooms where they are privy to sensitive discussions, whether hosting a call or just sat on the table,” said Neil Biggs, Head of Research at Context. “They also present an interesting attack surface, often in segregated VLANs that aren’t visible to an infrastructure penetration test so may get overlooked. It’s possible that organisations that have mature security posture might overlook the security of these kind of devices, but it’s important to have them tested.”