Manage Learn to apply best practices and optimize your operations.

Cisco TelePresence vulnerability: Mitigate default credentials issues

Network security expert Brad Casey discusses how to mitigate the vulnerability found in Cisco's TelePresence system triggered by default credentials.

A serious vulnerability was recently found in Cisco Systems Inc.'s TelePresence systems that could be triggered due to default credentials being left in place after system setup. Could you provide some security best practices that enterprises could implement for such systems, particularly in regard to the use of unique credentials?

Ask the Expert

Do you have a network security question for our expert? Submit it now via email! (All questions are anonymous)

This was a profound vulnerability, to say the least. Upon installation of the Cisco TelePresence software, an account is created with a default username and password. If an attacker with knowledge of default Cisco usernames and passwords connected to the Cisco TelePresence Web server, they would have administrative access to the system; at that point, the attacker would "own the box."

While a fix -- Cisco TelePresence System Software Release version 1.10.2 -- has been released, some older systems may not support the upgrade. In this case, Cisco recommends that customers:

  • Connect to the system.
  • Proceed to Cisco Unified CM Administration.
  • Select Device > Phone.
  • Search, and select the configured Cisco TelePresence unit.
  • Under the SSH information, change the username helpdesk to pwrecovery, then change the password.

In terms of best practices, the one I think is the most important, yet is overlooked, is that of default usernames and passwords -- especially if you have any Cisco devices within your infrastructure. It is critical to learn the default accounts that are on your network devices and change them. This is such a simple step -- and it's just a matter of adding an item to your setup checklist and knowing what those default credentials are -- but I am amazed at how often it is unheeded.

This was last published in April 2014

Dig Deeper on IPv6 security and network protocols security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.