CVE-2024-30939

2024-04-2519:15:49

[email protected]

web.nvd.nist.gov

yealink

vp59

teams editions

firmware

vulnerability

factory reset

account compromise

7.1 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physically proximate attacker to gain control of an account via a flaw in the factory reset procedure.

References

medium.com/%40deepsahu1/yealink-ip-phone-account-take-over-9bf9e7b847c0?source=friends_link&sk=b0d664dd5b3aad5b758e4934aca997ad