15.10.2019

Multiple Vulnerabilities in Poly IP Phones

Researchers of the Competence Center for IT-Security found multiple vulnerabilities in the Poly IP phones

Researchers of the Competence Center for IT-Security found multiple vulnerabilities in the Poly VVX 410 and VVX 411 IP phones and the associated Better Together over Ethernet (BToE) connector application. These vulnerabilities could be used to leak domain credentials of users, wiretap a phone and possibly to execute arbitrary code.

The full report is available for download.

Downloads