Polycom Unified Communications Software — known CVE vulnerabilities
Every CVE whose affected-product data names Polycom Unified Communications Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2017-12857 — CVSS 8.8 (high): Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0…
CVE-2019-12948 — CVSS 8.3 (high): A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC…
CVE-2019-10688 — CVSS 6.8 (medium): VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application…
CVE-2019-10689 — CVSS 6.5 (medium): VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and…
CVE-2018-18568 — CVSS 5.9 (medium): Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by…
CVE-2018-18566 — CVSS 5.3 (medium): The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration…