Attacker Can Gain Control of Account via Flaw in Factory Reset Procedure
CVE-2024-30939

Currently unrated

Key Information:

Vendor: Yealink
Vendor: CVE Published:; 25 April 2024

What is CVE-2024-30939?

An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physically proximate attacker to gain control of an account via a flaw in the factory reset procedure.

References

https://medium.com/%40deepsahu1/yealink-ip-phone-account-...

Timeline

Vulnerability published
Apr 25, 2024