Buffer Overflow Vulnerability in Poly Voice Products by HP
CVE-2026-0826

9.2CRITICAL

Key Information:

Vendor: HP
Status: Poly Trio 8300; Poly Trio 8500; Poly Trio 8800
Vendor: CVE Published:; 1 June 2026

What is CVE-2026-0826?

A buffer overflow vulnerability exists in Poly Voice products when Interactive Connectivity Establishment (ICE) is enabled by the administrator. This flaw allows an attacker to execute remote code on affected devices running on the Linux platform, potentially compromising system integrity and data security. Proper validation and handling measures are essential to mitigate this risk.

Affected Version(s)

poly_trio_8300 Linux 0 < 8.1.7

poly_trio_8500 Linux 0 < 7.2.8

poly_trio_8800 Linux 0 < 7.2.8

References

https://support.hp.com/us-en/document/ish_15052661-150526...

CVSS V4

Score:

9.2

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Jan 9, 2026

CVE-2026-0826 Data

JSON