Ang Cui has spent 10 years hacking into internet-connected office phones and other “embedded devices”—that is, devices that don’t look like computers or servers but have all the trappings: a processor, memory, and, often, the ability to connect to other devices or the internet. As the founder of Red Balloon Security, Cui spends plenty of time evaluating sophisticated industrial control systems and even satellite infrastructure, but he still comes back to IP phones as a barometer for how much progress has been made securing the Internet of Things. His latest research indicates that there’s still a long way to go.

At the SummerCon security conference in New York City on Friday, Cui and his Red Balloon colleague Yuanzhe Wu are presenting new findings about a vulnerability in more than a dozen models of Cisco IP desk phones. It can be exploited only with physical access to a target device, but if an attacker has managed that, they could gain full control of the phone, which they could then use to eavesdrop on calls, bug the surrounding room, or for other malicious activities.

“Cisco has released software updates for this issue and is not aware of malicious use of the vulnerability described in the advisory,” a Cisco spokesperson told WIRED in a statement, referring to a security notification the company published on Wednesday.

However, Red Balloon’s researchers say that Cisco’s patch doesn’t entirely eliminate the vulnerability; it just makes the bug more difficult to exploit. That’s because the vulnerability they uncovered isn’t actually in code that Cisco can rewrite or control. Instead, it resides in low-level firmware developed by the chipmaker Broadcom for processors that Cisco uses as an additional hardware security feature. This also means that the same vulnerability is likely present in other embedded devices that utilize the same Broadcom chips.

Broadcom did not return multiple requests from WIRED for comment, but Cisco said on Wednesday that the flaw is in Broadcom’s firmware implementation.

“Look, we’ve all been here before with me disclosing IP phone bugs to Cisco, and they’ve come a long way in a lot of respects,” Cui told WIRED ahead of SummerCon. “But the fact that there’s a vulnerability in here is not surprising. Ultimately, these things are not more secure than they were 10 years ago.”

The Red Balloon Security researchers tested the vulnerability on a Cisco 8841 phone, which contains a Broadcom BCM 911360 TrustZone chip that’s specially designed to provide a hardware “root of trust” for the phone. Hardware roots of trust can strengthen a device’s overall security. Microsoft, for example, is currently making a big push for users to adopt them as part of the Windows 11 system requirements. The idea is to add an extra chip running code that is immutable and can’t be fundamentally altered by the device’s main processor. In this way, the TrustZone can be trusted to essentially watch the rest of the system and implement security protections like boot monitoring without risk that it itself has been corrupted.

Hardware roots of trust can raise the bar for a device’s security, but in practice they also create a “who watches the watcher” conundrum. If there are vulnerabilities in a hardware security feature, they silently undermine the integrity of the entire device.

The Broadcom chip the researchers studied in Cisco phones has an application programming interface that allows limited interaction for things like setting up device encryption services. The researchers found a flaw in the API, though, that could allow attackers to trick it into executing commands it shouldn’t be allowed to accept.