CVE-2026-2891
Poly · Voice IP devices (CCX, Trio, Edge E)
Poly Voice IP devices are susceptible to a denial-of-service condition when processing malformed data from a malicious SIP server.
Executive summary
A vulnerability in Poly Voice IP devices allows an attacker to render hardware inoperable by sending malformed data via a malicious SIP server.
Vulnerability
This is a denial-of-service vulnerability triggered when the device processes malformed data from an untrusted or malicious SIP server. The attack can be initiated by a remote actor capable of intercepting or controlling the SIP communication path.
Business impact
The exploitation of this vulnerability results in the total loss of availability for critical communication hardware. Given the CVSS score of 8.2, this high-severity flaw threatens business continuity by potentially disabling telephony systems across the enterprise, leading to significant operational disruption.
Remediation
Immediate Action: Identify and patch all affected Poly Voice IP devices using the latest firmware provided by the vendor.
Proactive Monitoring: Monitor network traffic for unusual SIP server interactions and maintain visibility over device uptime.
Compensating Controls: Restrict SIP traffic to known, trusted internal servers and implement network segmentation to isolate voice infrastructure from unauthorized external access.
Exploitation status
Public Exploit Available: false
Analyst recommendation
The reliance on critical communication infrastructure necessitates a prompt response to this vulnerability. Administrators should prioritize the deployment of vendor security updates to prevent potential service outages caused by malicious SIP traffic.