HP Poly VoIP vulnerability sets the stage for executive voice deepfakes
HP has released patches for a critical buffer overflow vulnerability in multiple IP-enabled conference phones from its Poly Voice line. The flaw allows unauthenticated attackers to obtain root privileges on the underlying operating system, potentially enabling them to execute other attacks such as eavesdropping on conversations and recording voice data for AI-enabled impersonation attacks.

The vulnerability, tracked as CVE-2026-0826, was discovered by researchers from security firm Rapid7 and resides in the code that parses Session Description Protocol (SDP) attributes when the Interactive Connectivity Establishment (ICE) feature is enabled. ICE enables VoIP devices to establish peer-to-peer connections using the shortest available network path. The feature is not enabled by default on HP Poly devices, and the company advises administrators to disable it if it’s not needed.

The flaw, rated 9.2 on the CVSS severity scale, affects all phones from the HP Poly VVX series, as well as the Trio 8300, 8500, and 8800 IP conference devices. HP has fixed the flaw in its Poly Unified Communications Software (UCS) versions 6.4.8 for the VVX devices, 8.1.7 for the Trio 8300, and 7.2.8 for the Trio 8500 and 8800.

VoIP exploit is public for pen testing

An exploit module targeting this vulnerability has already been developed and released for the widely used Metasploit penetration testing framework, which is maintained by Rapid7. The exploit executes code as root on an affected device with ICE enabled by sending a SIP INVITE request with a specially crafted candidate attribute. This attribute normally contains a transport address that can be used for connectivity checks and is part of the ICE standard, RFC 8839. The buffer overflow bug is located in a helper function called ParseICECandidate in the polyapp binary that processes such requests on the device.
“The start of the function contains a call to memcpy, which will copy the incoming string line being processed into a 256 byte stack buffer,” Stephen Fewer, senior principal security researcher at Rapid7, said in a blog post. “No length check is performed to ensure the incoming string length is less than 256 bytes. Therefore by providing a candidate attribute whose length is greater than 256 bytes, a stack-based buffer overflow will occur.”

Address Space Layout Randomization (ASLR), a kernel feature that randomizes memory addresses to defeat buffer overflow exploits, is enabled on the device. However, the protection is not operating correctly on the HP Poly devices because it does not randomize the load addresses of .so (Shared Object) libraries. These libraries, such as libc, are loaded by other processes, including the polyapp process, and because their memory addresses never change, they can be leveraged to bypass ASLR and execute the attacker’s payload. “We create a ROP chain that will execute an arbitrary OS command via the system standard C library function,” Fewer said. “The accompanying Metasploit exploit module’s source code details the entire ROP chain.”

VoIP phones are attractive targets

Attackers have increasingly targeted embedded devices inside enterprise networks in recent years because, unlike laptops, workstations, and servers, these devices are not monitored by endpoint detection and response (EDR) products. As such, they provide perfect footholds inside corporate environments that allow attackers to remain undetected for long periods of time and attack other systems. In the age of AI these devices become even more relevant for attackers, going beyond corporate espionage uses such as recording conversations or pivoting into the internal network. “Attackers no longer need massive datasets to make use of synthetic speech tooling,” Douglas McKee, Rapid7’s director of vulnerability intelligence, said in a blog post.
“In many cases, they just need clean source audio of the right person saying enough words in enough contexts. That has made executive voice data, call recordings, and live conversation capture far more valuable than many organizations seem prepared to admit.” Attackers could collect audio and then use AI deepfakes to impersonate executives in calls to employees and business partners to authorize fraudulent transactions, gain access to sensitive systems, and more. “The concern is not just ‘someone might hear something confidential,’” McKee said. “That would be bad enough. The broader concern is that voice infrastructure can now support both traditional espionage objectives and modern AI-enabled fraud operations at the same time.”
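The bug class Fewer describes above (an unbounded memcpy of an SDP candidate line into a 256-byte stack buffer) is easiest to understand next to a parser that performs the missing check. The C below is an added example, not HP's, Poly's or Rapid7's code: the buffer size, the struct field names, and the constant ICE_LINE_MAX are assumptions for illustration, and the SDP body in sample_sdp() is constructed, not a captured message. parse_ice_candidate() rejects any attribute value that would not fit the buffer before copying anything, then parses the RFC 8839 candidate fields with width-limited conversions; count_oversized_candidates() is the defender-side counterpart, a check an SBC or IDS rule could apply to inbound INVITE bodies to flag candidate lines that exceed the limit.

```c
/* Added example (not vendor or Rapid7 code): bounds-checked SDP
 * "a=candidate:" parsing, plus a detection helper for over-length lines. */
#include <stdio.h>
#include <string.h>

#define ICE_LINE_MAX 256   /* assumed size of the fixed stack buffer */

enum ice_status { ICE_OK = 0, ICE_ERR_TOO_LONG, ICE_ERR_SYNTAX };

typedef struct {                 /* field names are this example's own */
    char foundation[33];         /* RFC 8839: 1*32 ice-char */
    unsigned component;
    char transport[8];
    unsigned long priority;
    char address[64];            /* IPv4, IPv6 or FQDN in text form */
    unsigned port;
    char cand_type[8];           /* host | srflx | prflx | relay */
} ice_candidate;

/* Parse one "candidate:..." attribute value (the part after "a=").
 * The length check runs BEFORE the copy; that is the check the article
 * says the vulnerable helper lacked. */
enum ice_status parse_ice_candidate(const char *line, size_t len, ice_candidate *out)
{
    char buf[ICE_LINE_MAX];
    char typ_kw[4] = {0};

    if (len >= sizeof buf)       /* must also leave room for the NUL */
        return ICE_ERR_TOO_LONG;
    memcpy(buf, line, len);      /* now provably in bounds */
    buf[len] = '\0';

    if (strncmp(buf, "candidate:", 10) != 0)
        return ICE_ERR_SYNTAX;
    /* Width limits match the struct sizes minus the terminator. */
    if (sscanf(buf + 10, "%32s %u %7s %lu %63s %u %3s %7s",
               out->foundation, &out->component, out->transport,
               &out->priority, out->address, &out->port,
               typ_kw, out->cand_type) != 8)
        return ICE_ERR_SYNTAX;
    if (strcmp(typ_kw, "typ") != 0 || out->port > 65535)
        return ICE_ERR_SYNTAX;
    return ICE_OK;
}

/* Convenience wrapper for NUL-terminated input. */
enum ice_status check_candidate_line(const char *line)
{
    ice_candidate c;
    return parse_ice_candidate(line, strlen(line), &c);
}

/* Detection: walk an SDP body and count "a=candidate:" lines whose value
 * would not fit the buffer. A non-zero result is what an SBC or IDS rule
 * would alert on before the message reaches a phone. */
size_t count_oversized_candidates(const char *sdp)
{
    size_t hits = 0;
    const char *p = sdp;
    while (*p) {
        const char *eol = strpbrk(p, "\r\n");
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (len >= 12 && strncmp(p, "a=candidate:", 12) == 0 &&
            len - 2 >= ICE_LINE_MAX)      /* value = line minus "a=" */
            hits++;
        if (!eol)
            break;
        p = eol;
        while (*p == '\r' || *p == '\n')
            p++;
    }
    return hits;
}

/* Constructed sample SDP: one well-formed candidate and one padded past
 * the limit. Not a captured message. */
const char *sample_sdp(void)
{
    static char sdp[1024];
    char pad[ICE_LINE_MAX + 8];
    memset(pad, 'A', sizeof pad - 1);
    pad[sizeof pad - 1] = '\0';
    snprintf(sdp, sizeof sdp,
             "v=0\r\n"
             "o=- 1 1 IN IP4 192.0.2.10\r\n"
             "m=audio 5000 RTP/AVP 0\r\n"
             "a=candidate:1 1 UDP 2130706431 192.0.2.10 5000 typ host\r\n"
             "a=candidate:%s 1 UDP 1 192.0.2.10 5000 typ host\r\n", pad);
    return sdp;
}

/* Returns 1 when the parser and the detector behave as intended. */
int self_check(void)
{
    ice_candidate c;
    const char *good = "candidate:1 1 UDP 2130706431 192.0.2.10 5000 typ host";
    char big[ICE_LINE_MAX + 64];
    memset(big, 'B', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    memcpy(big, "candidate:", 10);

    if (parse_ice_candidate(good, strlen(good), &c) != ICE_OK) return 0;
    if (c.port != 5000 || strcmp(c.cand_type, "host") != 0) return 0;
    if (parse_ice_candidate(big, strlen(big), &c) != ICE_ERR_TOO_LONG) return 0;
    if (check_candidate_line("candidate:garbage") != ICE_ERR_SYNTAX) return 0;
    if (count_oversized_candidates(sample_sdp()) != 1) return 0;
    return 1;
}

int main(void)
{
    printf("self_check: %s\n", self_check() ? "pass" : "fail");
    printf("oversized candidate lines in sample SDP: %zu\n",
           count_oversized_candidates(sample_sdp()));
    return self_check() ? 0 : 1;
}
```

The parser treats an over-length line as a protocol error rather than as data to truncate, which is the safer choice for a network-facing service: a peer that sends a 300-byte candidate is not following RFC 8839, and silently truncating could still mis-parse the remaining fields. Because the device's ASLR does not randomize shared-library addresses, as the article notes, a length check at the parsing layer is the control that actually closes the hole; the exploit mitigations behind it cannot be relied on.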
Read full article on CSO Online.