Here is a Select Sub-set of Zero-day Vulnerabilities where RedShift, Threat Intelligence and Condor Labs Identified and Helped Operators Protect Their Networks »
These flaws in software, hardware or firmware represent an unknown exploit in the wild that exposes a vulnerability where malicious activity, fraud and theft can occur. These previously unknown weaknesses are often exploited and attackers release malware before a developer team can create a patch to fix the zero-day vulnerability.
- September 21, 2020 – Social Engineering Hack Demonstrates Requirement for VoIP Threat Intelligence Analytics
- August 17, 2020 – Q3 2020 SIP Botnet Security Intelligence Report
- August 3, 2020 – RedShift Networks Security Advisory: Ransomware Attack on Call Centers [ English | Spanish ]
- July 21, 2020 – Asterisk – Vulnerability in Sangoma Asterisk 13.x, 16.x, and 17.x.
- July 15, 2020 – Cisco – Vulnerability in Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software
- July 15, 2020 – Mitel – Vulnerability in Wireless Devices Firmware 8.0 and 8.12
- July 15, 2020 – Huawei – Vulnerability in the SIP Module of Some Huawei Products
- July 15, 2020 – Mitel – Vulnerability in 6800 and 6900 SIP Series Phones
- July 15, 2020 – Asterisk – Vulnerability SIP request can change address of a SIP peer
- July 15, 2020 – Cisco – Vulnerability in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software
- July 15, 2020 – Cisco – Vulnerability in IOS XE Software Cause a Device to Reload
- July 15, 2020 – Snapdragon – Vulnerability Improper Input Validation
- July 15, 2020 – Snapdragon – Vulnerability in Buffer Overread
- May 21, 2020 – RedShift Networks Security Advisory: Rise in Voice Conference Join Attacks Due to COVID-19
- March 21, 2020 – RedShift Networks Security Advisory: Rise in Voice Attacks on a Global Level During COVID-19 Pandemic
- November 18, 2019 – Junos – Vulnerability in the SIP ALG packet Junos OS: 12.3X48
- November 18, 2019 – Junos – Vulnerability on MX Series 16.1
- November 18, 2019 – Cisco – Vulnerability Cisco IP Phone 8800 Series devices
- November 18, 2019 – Cisco – Vulnerability in library of Cisco IOS and IOS XE Software
- September 26, 2019 – Arcadyan – Vulnerability in SLT-00 Star (aka Swisscom Internet-Box) reconfiguration of the static routing table
- September 26, 2019 – Huawei – Vulnerability in CloudLink Phone 7900 insufficient TLS certificate verification MITM attacks
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series allow an unauthenticated remote attacker to cause high disk utilization
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series allow an unauthenticated remote attacker to write arbitrary files to the filesystem
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series allow an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 8800 Series could allow an unauthenticated attacker to bypass authorization
- September 26, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 and 8800 Series improperly validates user-supplied input during user authentication
- September 26, 2019 – Cisco – Vulnerability in Cisco SPA112, SPA525, and SPA5X5 Series
- September 26, 2019 – Cisco – Vulnerability in Cisco Meeting Server in specific coSpace parameters
- September 26, 2019 – Asterisk – Vulnerability in pointer dereference in chan_sip while handling SDP negotiation
- September 26, 2019 – Asterisk – Vulnerability in res_http_websocket.c
- September 26, 2019 – Asterisk – Vulnerability
- September 19, 2019 – Zenitel – Vulnerability in Norway IP-StationWeb
- September 19, 2019 – Asterisk – Vulnerability in Digium Buffer overflow in DNS SRV and NAPTR lookups
- September 19, 2019 – Asterisk – Stack consumption Vulnerability in the res_http_websocket.so module of Asterisk
- September 19, 2019 – Yealink – Vulnerability in Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) path information
- September 19, 2019 – Yealink – CSRF Vulnerability in Ultra-elegant IP Phone SIP-T41P
- September 19, 2019 – Yealink – Vulnerability in Ultra-elegant IP Phone SIP-T41P
- September 18, 2019 – FreePBX – Vulnerability in FreePBX core
- September 18, 2019 – Mitel – Vulnerability in MiVoice 5330e VoIP device
- September 18, 2019 – Asterisk – Vulnerability in Open Source 15.x
- September 18, 2019 – D-Link – Vulnerability in DWR series
- September 17, 2019 – Juniper – Vulnerability in Junos OS SRX Series devices
- September 10, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 Series and 8800 Series by altering the SIP replies
- September 10, 2019 – Cisco – Vulnerability in Session Initiation Protocol (SIP) protocol implementation of Cisco Unified Communications Manager
- September 10, 2019 – Cisco – Vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) CPU usage
- September 10, 2019 – Cisco – Vulnerability in Cisco Meeting Server (CMS) software
- September 9, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 Series and 8800 series with malicious XML payload
- September 9, 2019 – Asterisk – Vulnerability Buffer overflow in Digium
- September 9, 2019 – Polycom – Vulnerability in Polycom VVX 500 and 601
- September 9, 2019 – Kamailio – Vulnerability an invalid header causes a segmentation fault and crashes
- September 7, 2019 – Cisco – Vulnerability in Cisco (ASA) and (FTD) Software
- September 7, 2019 – Kamailio – Vulnerability double “To” header
- September 5, 2019 – Asterisk – Vulnerability specific ACL rules block a SIP request
- August 30, 2019 – Cisco – Vulnerability in Cisco IOS XE Software
- August 30, 2019 – Cisco – Vulnerability in Cisco Small Business SPA514G IP Phones
- August 30, 2019 – Cisco – Vulnerability in Cisco denial of service (DoS) by sending high volumes of SIP INVITE traffic
- August 30, 2019 – Cisco – Vulnerability in Cisco IP Phone 7800 and 8800 Series dropped calls
- August 30, 2019 – Cisco – Vulnerability in Cisco IP Phone 6800, 7800, and 8800 Series allow to reload phone unexpectedly
- August 30, 2019 – Cisco – Vulnerability in Cisco application server allow DoS
- December 25, 2017 – Bug in PJSIP allow Remote Unauthenticated Sessions
- November 30, 2017 – Vulnerability in Cisco IP Phone 8800 Series allow DoS
- November 17, 2017 – PJSIP – Vulnerability in (pjlib and pjlib-util) allow potential to overflow
- October 20, 2017 – Bug in Cisco Small Business SPA51x Series IP Phone allow DoS
- October 20, 2017 – Bug in the implementation of (SIP) functionality in Cisco SPA50x, SPA51x, and SPA52x Series IP Phones
- September 15, 2017 – VOIP Security Risks and Countermeasures
- August 15, 2017 – Vulnerability in (SIP) on the Cisco TelePresence (VCS) allow DoS
- June 13, 2017 – Vulnerability in Cisco IP Phone 8800 Series allow remote attacker to cause a DoS
- June 8, 2017 – Vulnerability in Cisco TelePresence Endpoint allow a remote DoS
- June 3, 2017 – Security Threats in VOIP
- May 19, 2017 – VOIP Security with Asterisk
- April, 28, 2017 – The Terrible state of VOIP Security
- April 10th, 2017 – SnapShot – Stopping attacks that disrupts Voice Communications
- February 16, 2017 – VOIP Hacks on the rise
- February 14, 2017 – VoIP Security Guide and Protection Checklist
- January 17, 2017 – What Makes Your SIP Vulnerable to Attack
- January 17, 2017 – Avoid voice attacks with Security Update
- January 17, 2017 – What Makes your VOIP susceptible to attacks
- January 3, 2017 – Cloud VOIP operators indicating that attacks are growing
- November 30, 2016 – IBM warns of rising VOIP attacks
- October 6, 2016 – VOIP Security Risks and Countermeasures
- August 22, 2016 – Threat Intelligence report for the telecommunications industry
- August 18, 2016 – Security Threats in VOIP
- June 22, 2016 – VOIP vulnerabilities protection against evolving threats
- February 13, 2016 – Are You The Only One Using Your VOIP Phone