Yealink Forums
Security Concerns regarding the AES key encryption using factory default key - Printable Version

+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: Auto Provisioning (/forumdisplay.php?fid=14)
+--- Thread: Security Concerns regarding the AES key encryption using factory default key (/showthread.php?tid=42025)



Security Concerns regarding the AES key encryption using factory default key - jeffrey.zhao@iptcloud.com - 08-13-2018 03:34 AM

Hi all
During the phone initial auto provisioning, the MAC oriented encryption AES key is delivered via the MAC_Security.enc file, which is encrypted with Yealink factory default key.

I am wondering whether there is possibility that the factory default key is leaked via special engineering method, like TTL, hack into the phone OS, etc.