• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
We are proud to announce new Poly Studio Series video bars and remote room control with Poly Connect. Read more about the solutions!
HP Recommended

Hello all, I was just wondering...because I can't seem to find this information anywhere else...if anyone knew how the HDX family of codecs defends against replay attacks?  Do they use time stamps or SRTP or something like that?  The codecs that I have are fairly old as well.  Mostly HDX 7000's and a few HDX 8000's.  They're running software in the range of 2.7.0 through 3.1.11 and various versions in between..most are 2.7.3.2.  I just started a new position and am still taking stock of what gear I have in the various conference rooms that I'm managing as well as their security vulnerabilities. I'm fairly certain that none of the units are in an active service contract with Polycom either.  Any help would be greatly appreciated.  Thanks in advance!  

3 REPLIES 3
HP Recommended

The HDX was EOL in July 2019, There were several firmware updates in 2018-2019 to fix VTM's I believe. I would be sure you are at the last rev of 3.1.14

HP Recommended

Thanks for the response!  Please excuse my ignorance, but what is VTM?  Do you know where I can find documentation regarding replay attack security as it pertains to the Polycom HDX family?  The latest software I've found, that's approved for government use, is 3.1.11.  Which I've found here-

https://www.polycom.com/solutions/solutions-by-industry/us-federal-government/certification-accredit...

 

Software upgrades are in the air currently due to trying to figure out who that responsibility belongs to. Even in the guide for maximum security environments...I can't find anything that says, "This is what polycom uses to defend against replay attacks.."(I'm paraphrasing of course).  I'm also managing a couple Cisco VTC rooms.  Cisco's literature does specifically say, "This is what we use to defend against replay attacks.."(paraphrasing again).  I'll keep looking but any help in the right direction would be much appreciated.  Thanks in advance!  Have a great day!

HP Recommended

Sorry - VTM is what my org uses as an acronym for Vulnerability Threat Management. Do you know the CVE number for replay? 

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.