Multiple safety vulnerabilities have been found in AudioCodes desk telephones and Zoom’s Zero Touch Provisioning (ZTP) characteristic, in accordance to analysis offered at the Black Hat USA safety convention. These vulnerabilities might permit attackers to achieve distant management of gadgets, listen in on communication, and assault company networks. The problem lies in Zoom’s ZTP, which lacks client-side authentication and will doubtlessly obtain malicious firmware from a rogue server. Additionally, the examine discovered authentication points in AudioCodes VoIP desk telephones, permitting for the decryption of delicate info. An attacker might doubtlessly exploit these vulnerabilities to remotely take over gadgets. Zoom has applied restrictions for brand spanking new prospects and plans to implement further safety enhancements in the future.
Source hyperlink