Backdoor in Tandberg desktop video systems
According to a report from Cisco, Tandberg Series Endpoints and Tandberg E/EX personal video conferencing systems contain an undocumented root account for which no password is required. According to Cisco, which owns Tandberg, the account is intended for debugging; however, attackers could utilise it to gain complete control over a device.
The account is active and cannot be deactivated in firmware versions prior to TC 4.0.0. The vendor has released an update which deactivates the account. Cisco's instructions for proposed workarounds are somewhat confusing. The company states that setting a password for the administrator account is of some help, because the root account shares the administrator account's password even though they are separate accounts. This raises the question of why no password has been set for the administrator account in the first place.
According to Cisco, information on the vulnerabilities was published in the autumn edition of the hacker magazine 2600.