CVE-2024-30939

2024-04-2500:00:00

mitre

www.cve.org

yealink vp59

firmware vulnerability

account takeover

factory reset.

7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physically proximate attacker to gain control of an account via a flaw in the factory reset procedure.

References

medium.com/%40deepsahu1/yealink-ip-phone-account-take-over-9bf9e7b847c0?source=friends_link&sk=b0d664dd5b3aad5b758e4934aca997ad