Backdoor found in spy platform used by law enforcement


A software application used by law enforcement organizations to intercept the voice communications of suspected criminals has multiple security weaknesses, some of them critical in nature. This includes an undocumented backdoor with a hardcoded password and the ability to gain remote unauthenticated access to intercepted voice recordings, say security researchers from Austria-based SEC Consult Vulnerability Lab.

The bugs were found in a product called NICE Recording eXpress voice recording, and nine flaws were disclosed to NICE as they were discovered. SEC Consult went public after five holes remained unpatched nearly six months after they had been reported. The details could be found in the security advisory published here. The root backdoor vulnerability is understood to be among those that had been resolved.

"Attackers are able to completely compromise the voice recording / surveillance solution as they can gain access to the system and database level and listen to recorded calls without prior authentication," wrote the researcher. "Furthermore, attackers would be able to use the voice recording server as a jumphost for further attacks of the internal voice VLAN, depending on the network setup."

On its part, NICE downplayed the risks, and said that customers were notified of the flaws. "We do not believe any of our customers have been impacted by the items raised in this report, as these systems are deployed in a very secure environment and are not accessible outside of the organization," said NICE comms director Erik Snider to The Register, though details were unclear.

Update: New Statement from NICE Systems on May 30, 2014

NICE Systems announced that as of 2 p.m. EDT today, they have made available a new release that includes the remaining fixes to the issues in the NICE Recording eXpress, Cybertech eXpress and Cybertech Myracle products, identified in a recent consulting report. NICE is currently notifying customers, none of whom have reported any issues.

For more:
- check out this article at The Register
- check out this article at Ars Technica

Related Articles:
NYT hack highlights registrar security weakness
The WiFi Pineapple makes it easy to hack wireless devices