CVE-2002-0672

Name of the Vulnerable Software and Affected Versions Pingtel xpressa SIP-based voice-over-IP phone versions 1.2.5 through 1.2.7.4

Description The issue allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option. This action sets the administrator password to null, potentially allowing unauthorized access.

Recommendations For versions 1.2.5 through 1.2.7.4, as a temporary workaround, consider restricting physical access to the phone to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.