Security exploits found in wireless UC presentation systems

While wireless UC presentation systems make it easy for workers to send video to TVs, they are also network appliances. Wireless US presentation systems utilize either the production LAN or a private network. Regardless of what the connection path, a wireless UC presentation system lives on the network.

Wireless presentation devices on the network are why the discovery of 15 exploits by Tenable, as initially covered by my colleague, Shelly Kramer, in last week’s Futurum Tech News brief, is so troubling.

Initially, the security firm was looking into the Crestron AirMedia AM-100 line. During the investigation, Tenable uncovered the AM-100 shared code with several other products on the market, which include Optoma WPS-Pro, Blackbox, InFocus LiteShow, Extron ShareLink, and Barco wePresent. It appears to be the Barco product that is the originator of the vulnerable code.

The Risk of Unauthenticated Remote Control

The term “unauthenticated remote” appears throughout the report from Tenable. The ‘unauthenticated’ part of that phrase means that a bad actor without the proper authorization could potentially gain access to the wireless UC presentation system remotely, without physically being in your office or building.

Let’s talk about the risks there. The website Shodan.io is a search engine for network-connected devices. Users can search web domains and well as manufacturers. For instance, doing a search on Shodan for AM-100, the Crestron device, produced 1,713 device results. These wireless UC presentation systems are in locations all over the world, ranging from the United States to China. The search results on Shodan report country of origin, IP address, and MAC address in some cases. With this information, a hacker could remotely gain access to your device.

What is being done to help customers protect wireless UC presentation systems?

The Tenable report outlines the communication it had with manufacturers in advance of the public release of their findings, which began in January and continued into April. It was clearly Tenable’s hope that the manufacturers involved would quickly develop a patch to protect the potentially compromised UC presentation systems.

Barco has borne the bulk of the responsibility as the originator of the vulnerable code and has been very involved in communication with Tenable. The rest of the wireless UC presentation system manufacturers attempted to meet Tenable’s publication deadline, however, Crestron did not make the deadline for having a patch. Crestron did, however, recently discontinue the AM-100 and released new versions in the AM-200 and AM-300.

Extron and Barco appear to be the most receptive to input from Tenable. Barco was unable to provide the firm a list of companies who used their code, and Tenable was also able to discover a number of them on their own.

What this means for your wireless UC presentation

So, what does this mean for your wireless UC presentation system? Depending on which system you have in your huddle spaces, you have some phone calls to make. If your wireless UC presentation system is one of the ones potentially vulnerable who have yet to apply a patch, oyu should immediately disable them for the time being. Barco and Extron systems will need to have a firmware patch applied, and your IT department can handle this. If they don’t feel comfortable doing so, contact the original installer.

Remember to regard Wireless UC presentation systems as potential threat vectors

Once you do your own due diligence here, and realize that you are either in the clear or in need of a patch, keep the threat that wireless UC presentation systems pose as threat vectors in mind—and make sure your IT team is part of an ongoing conversation in that regard. Wireless UC presentation systems are convenient ways for teams to collaborate and share information, but as you can no doubt see, they are also potential threat vectors that pose considerable risk to your organization. Keeping up on the various security vulnerabilities is as important as Windows security updates or any other regularly updated software updates. Partner with your IT department and UC presentation device installation company to make sure you are protected.

Futurum Research provides industry research and analysis. These columns are for educational purposes only and should not be considered in any way investment advice. 

Read some of my other recent articles:

UC Trends: Cross-device, Cross-platform, Better Functionality

Poly Rebrand: Poly Folly. Why the Rebrand Might Not Make Sense

Author Information

Tim Albright

Timothy Albright is Analyst in Residence at Futurum Research where he covers the Collaboration, Unified Communication and ProAV space. Tim is also the founder of AVNation, an audiovisual industry B2B media firm. Taking the data, ideas, and objectives of clients and industry leaders and turning them into easily digestible content is where Timothy has lived and worked for the last twenty years. His career has lead him into broadcast television and radio, education, programming, digital media production, and has been teaching and producing podcasts since 2006. Over the last ten years, Timothy has been focused on researching where business communication is and where it is going. This includes working with education, healthcare, and Fortune 1000 companies leverage their existing infrastructure to help their employees and customers communicate more effectively and efficiently. In addition to hosting and producing a weekly AV and UC news program, he has contributed to several industry-leading publications. Timothy has lead industry discussions around the globe and is a highly sought-after moderator for his ability to bring the real-world uses into conversations and panel discussions.