Whitepaper: Unintended lateral movement by privileged users through VoIP switches utilizing Centralized Directories for Interswitch Routing

Oct 2020 Albert, N.

Abstract

This whitepaper discusses an unintended configuration-based (non-technical) vulnerability that allows privileged users of a peer-to-peer VoIP network relying on a centralized directory for the purposes of interswitch routing to move laterally from switches participating in the peer-to-peer network to private switches that do not necessarily have a public presence, which may be potentially undesired behavior. The vulnerability stems not from any particular technical vulnerabilities but from operational and configurational oversights. The most common attack vector is likely to be a variant of DNS rebinding attack. The factors that allow a successful exploit to occur are discussed as well as several possible mitigations.

Suggested Citation: Albert, N. Whitepaper: Unintended lateral movement by privileged users through VoIP switches utilizing Centralized Directories for Interswitch Routing (10/6/2020). Available at https://public.interlinked.us/2