PT-2023-9399 · Yealink · Yealink Meeting Server

Published: 2023-05-03 · Updated: 2026-01-23 · CVE-2024-48352

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Yealink Meeting Server versions prior to V26.0.0.67

Description: The issue is related to insufficient protection of service data, allowing a remote attacker to gain access to user credentials. This can be achieved by sending an HTTP request with an enterprise ID. The vulnerability affects Yealink Meeting Server systems in 140 countries, with the majority located in China and Russia. It is reported that 461 systems are affected. Experts recommend isolating servers from the main network, applying two-factor authentication, and regularly testing systems.

Recommendations: For Yealink Meeting Server versions prior to V26.0.0.67, update to version V26.0.0.67 or later to resolve the issue. As a temporary workaround, consider isolating the server from the main network to minimize the risk of exploitation. Apply two-factor authentication to add an extra layer of security. Regularly conduct system testing to identify and address potential vulnerabilities.

Fix

Insecure Storage of Sensitive Information

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2024-07167
CVE-2024-48352

Affected Products

Yealink Meeting Server