CVE-2026-2891

Summary

The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed data. HP is releasing updates to mitigate these potential vulnerabilities.

Affected Software

VendorProductVersion RangeStatus
HP IncCCX0 < 9.50affected
HP IncTrio C600 < 9.5.0affected
HP IncEdge E0 < 8.6.0affected

Weaknesses

  • CWE-400: CWE-400

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References