Vulnerability Description
The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode." NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nortel | Multimedia Communication Server 5100 | All versions |
| Nortel | Multimedia Communication Server 5200 | All versions |
| Nortel | Communications Server | 1000e |
| Nortel | Ip Audio Conference Phone 2033 | All versions |
| Nortel | Ip Phone 1110 | All versions |
| Nortel | Ip Phone 1120E | All versions |
| Nortel | Ip Phone 1140E | All versions |
| Nortel | Ip Phone 1150E | All versions |
| Nortel | Ip Phone 2001 | All versions |
| Nortel | Ip Phone 2002 | All versions |
| Nortel | Ip Phone 2004 | All versions |
| Nortel | Ip Phone 2007 | All versions |
| Nortel | Wlan Handset 2210 | All versions |
| Nortel | Wlan Handset 2211 | All versions |
| Nortel | Wlan Handset 2212 | All versions |
| Nortel | Wlan Handset 6120 | All versions |
| Nortel | Wlan Handset 6140 | All versions |
| Nortel | Business Communications Manager | 50 |
| Nortel | Centrex Ip Client Manager | All versions |
| Nortel | Centrex Ip Element Manager | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/41769
- http://secunia.com/advisories/27234Vendor Advisory
- http://securityreason.com/securityalert/3272
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714Patch
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.t
- http://www.securityfocus.com/archive/1/482478/100/0/threaded
- http://www.securityfocus.com/bid/26120ExploitPatch
- http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37255
- http://osvdb.org/41769
- http://secunia.com/advisories/27234Vendor Advisory
- http://securityreason.com/securityalert/3272
- http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714Patch
- http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.t
- http://www.securityfocus.com/archive/1/482478/100/0/threaded
FAQ
What is CVE-2007-5637?
CVE-2007-5637 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdr...
How severe is CVE-2007-5637?
CVE-2007-5637 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5637?
Check the references section above for vendor advisories and patch information. Affected products include: Nortel Multimedia Communication Server 5100, Nortel Multimedia Communication Server 5200, Nortel Communications Server, Nortel Ip Audio Conference Phone 2033, Nortel Ip Phone 1110.