Security exploits found in wireless UC presentation systems
While wireless UC presentation systems make it easy for workers to send video to TVs, they are also network appliances. Wireless UC presentation systems utilize either the production LAN or a private network. Regardless of the connection path, a wireless UC presentation system lives on the network.
That network presence is why the discovery of 15 exploits by Tenable, as initially covered by my colleague, Shelly Kramer, in last week’s Futurum Tech News brief, is so troubling.
Initially, the security firm was looking into the Crestron AirMedia AM-100 line. During the investigation, Tenable discovered that the AM-100 shared code with several other products on the market, including Optoma WPS-Pro, Blackbox, InFocus LiteShow, Extron ShareLink, and Barco wePresent. The Barco product appears to be the originator of the vulnerable code.
The Risk of Unauthenticated Remote Control
The term “unauthenticated remote” appears throughout the report from Tenable. The ‘unauthenticated’ part of that phrase means that a bad actor without the proper authorization could potentially gain access to the wireless UC presentation system remotely, without physically being in your office or building.
Let’s talk about the risks there. The website Shodan.io is a search engine for network-connected devices. Users can search by web domain as well as by manufacturer. For instance, doing a search on Shodan for AM-100, the Crestron device, produced 1,713 device results. These wireless UC presentation systems are in locations all over the world, ranging from the United States to China. The search results on Shodan report country of origin, IP address, and MAC address in some cases. With this information, a hacker could remotely gain access to your device.
What is being done to help customers protect wireless UC presentation systems?
The Tenable report outlines the communication it had with manufacturers in advance of the public release of its findings, which began in January and continued into April. It was clearly Tenable’s hope that the manufacturers involved would quickly develop a patch to protect the potentially compromised UC presentation systems.
Barco has borne the bulk of the responsibility as the originator of the vulnerable code and has been very involved in communication with Tenable. The rest of the wireless UC presentation system manufacturers attempted to meet Tenable’s publication deadline; Crestron, however, did not make the deadline for having a patch. Crestron did recently discontinue the AM-100 and release new versions in the AM-200 and AM-300.
Extron and Barco appear to be the most receptive to input from Tenable. Barco was unable to provide the firm with a list of companies that used its code, and Tenable discovered a number of them on its own.
What this means for your wireless UC presentation
So, what does this mean for your wireless UC presentation system? Depending on which system you have in your huddle spaces, you have some phone calls to make. If your wireless UC presentation system is one of the potentially vulnerable ones and has yet to have a patch applied, you should immediately disable it for the time being. Barco and Extron systems will need to have a firmware patch applied, and your IT department can handle this. If they don’t feel comfortable doing so, contact the original installer.
Remember to regard wireless UC presentation systems as potential threat vectors
Once you have done your own due diligence and know whether you are in the clear or in need of a patch, keep in mind that wireless UC presentation systems are potential threat vectors, and make sure your IT team is part of an ongoing conversation in that regard. Wireless UC presentation systems are convenient ways for teams to collaborate and share information, but as you can no doubt see, they also pose considerable risk to your organization. Keeping up on their security vulnerabilities is as important as keeping up with Windows security updates or any other regularly updated software. Partner with your IT department and UC presentation device installation company to make sure you are protected.
The original version of this article was first published on Futurum Research.