Man
Professional
- Messages
- 3,077
- Reaction score
- 614
- Points
- 113
The video conferencing system has received an urgent software update.
Experts from Positive Technologies have discovered a critical vulnerability CVE-2024-48352 in the Yealink Meeting Server video conferencing system, which could lead to the leakage of credentials, confidential information, and provide attackers with access to the corporate network. The issue was fixed by the vendor after being notified as part of its responsible disclosure policy, and users are advised to install the latest update.
According to open data, in October 2024, there were 461 systems with this vulnerability, most of which were located in China (64%), Russia (13%), Poland (5%), as well as in Indonesia, Brazil, Thailand, Finland, Iran, and Germany. Yealink products are widely used in the corporate environment, which makes such vulnerabilities especially dangerous.
Technically, the vulnerability allowed an unauthorized attacker to obtain the credentials of system users, which allowed access to information within the organization. In addition, the bug could be used to attack the corporate network with arbitrary code execution.
In 2024, this is the second time that a critical vulnerability has been identified in Yealink Meeting Server. Earlier in January, a bug was discovered that allowed an attacker to gain access to a server account. The joint exploitation of both vulnerabilities makes it possible to carry out a Pre-Auth RCE attack, which increases the risks for organizations that have not updated the software.
Video conferencing systems such as Yealink Meeting Server are widely used in businesses due to their wide range of features: they provide online meetings, webinars, and video calls with multi-participant support. However, their security largely depends on timely updates and control. In addition to basic measures such as patching, it is recommended to isolate video conferencing servers from the main corporate network, use two-factor authentication, and regularly test systems for vulnerabilities.
Incidents of this nature underscore the importance of regular software audits and updates, especially in an environment where online meetings have become an integral part of corporate operations.
Source
Experts from Positive Technologies have discovered a critical vulnerability CVE-2024-48352 in the Yealink Meeting Server video conferencing system, which could lead to the leakage of credentials, confidential information, and provide attackers with access to the corporate network. The issue was fixed by the vendor after being notified as part of its responsible disclosure policy, and users are advised to install the latest update.
According to open data, in October 2024, there were 461 systems with this vulnerability, most of which were located in China (64%), Russia (13%), Poland (5%), as well as in Indonesia, Brazil, Thailand, Finland, Iran, and Germany. Yealink products are widely used in the corporate environment, which makes such vulnerabilities especially dangerous.
Technically, the vulnerability allowed an unauthorized attacker to obtain the credentials of system users, which allowed access to information within the organization. In addition, the bug could be used to attack the corporate network with arbitrary code execution.
In 2024, this is the second time that a critical vulnerability has been identified in Yealink Meeting Server. Earlier in January, a bug was discovered that allowed an attacker to gain access to a server account. The joint exploitation of both vulnerabilities makes it possible to carry out a Pre-Auth RCE attack, which increases the risks for organizations that have not updated the software.
Video conferencing systems such as Yealink Meeting Server are widely used in businesses due to their wide range of features: they provide online meetings, webinars, and video calls with multi-participant support. However, their security largely depends on timely updates and control. In addition to basic measures such as patching, it is recommended to isolate video conferencing servers from the main corporate network, use two-factor authentication, and regularly test systems for vulnerabilities.
Incidents of this nature underscore the importance of regular software audits and updates, especially in an environment where online meetings have become an integral part of corporate operations.
Source
