Z6 Mag posted an article describing a pretty old vulnerability in the code of Avaya’s H323 phones. The issue allows a remote code execution, that can be used by a hacker to extract the audio from the speakerphone.
Recently after upgrading IP Office to release 10.1 we got calls from different customers who told us that they have about two seconds of silence at the beginning of a call. After researching with one of our customers we figured out that only 9608G phones are affected while other models (9611G, 9641GS) has no problems. In our tests showed that only outbound calls are affected and only calls with direct media (no VCM calls and no RTP relay calls) are affected.
The phone were running different firmware versions and we did an upgrade to 6.6401 as it is the latest firmware that ships with IP Office 10.1. But that didn’t help. Due to the fact that 9611 phones that run the same firmware have no issues we thought of a bad series of hardware. Continue reading →
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.