IP Phone Webpage Modification Vulnerability in HP Products
CVE-2026-5923

6MEDIUM

Key Information:

Vendor

HP

Vendor
CVE Published:
8 July 2026

What is CVE-2026-5923?

A vulnerability has been identified in certain HP IP phones that enables an attacker to modify the contents of the device's webpage by exploiting a stolen cookie. This exploitation can result in unauthorized changes to critical settings or data displayed on the device, potentially leading to further security breaches or denial of service. Users of affected HP IP phone models are encouraged to implement security measures and stay updated with vendor recommendations.

Affected Version(s)

Poly CCX 0 < 9.50

Poly Edge E 0 < 8.6.0

Poly Trio C60 0 < 9.5.0

References

CVSS V4

Score:
6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.