OpenAPI Access Vulnerability in Yealink YMCS Product
CVE-2025-52918
Currently unrated
What is CVE-2025-52918?
The Yealink YMCS product suffers from a significant vulnerability that fails to restrict OpenAPI access for frozen enterprise accounts. This flaw allows unauthorized users to exploit deactivated interfaces, which could lead to potential data breaches or unauthorized access to sensitive information. Organizations utilizing affected versions are advised to upgrade to the latest version to safeguard their systems and ensure proper access controls are in place.