Lots of companies -- and even the White House -- use a conference calling system that could possibly be tapped by hackers, according to new research.
On Thursday, cybersecurity experts at SEC Consult revealed a secret doorway that's built into a popular conference calling product built by a company called AMX.
AMX makes tablet panels used to control conference calls for businesses, government agencies and universities.
The company hard-coded backdoor access into its system.
AMX created a "secret account" with a permanent username and password, which means a hacker who already sneaked into a computer network could tap into actual meetings, if the hacker knew the backdoor access code.
It's a glaring security hole. more
Murray Associates Recommendation
A firmware update is available for products and systems incorporating the NetLinx NX Control platform:
NX Series Controllers
| NX-4200 |
FG2106-04 |
| NX-3200 |
FG2106-03 |
| NX-2200 |
FG2106-02 |
| NX-1200 |
FG2106-01 |
|
Massio® ControlPads
| MCP-106 |
FG2102-06X-X |
| MCP-108 |
FG2102-08-X |
|
Enova® DVX All-in-One Presentation Switchers
| DVX-3256HD |
FG1906-22/24 |
| DVX-3255HD |
FG1906-16/18 |
| DVX-3250HD |
FG1906-15/17 |
| DVX-2250HD |
FG1906-11/13 |
| DVX-2255HD |
FG1906-12/14 |
| DVX-2210HD |
FG1906-07/09 |
|
Firmware downloads require a current login and password for the AMX Account Center to access the protected Technical Documentation and Support Materials sections of the AMX by HARMAN website. Technical Support Staff within End User organizations should contact their authorized AMX Dealer or HARMAN Professional representative for assistance.
The flaws, found and reported by a resident white hat researcher, are being fixed. 
