CVE Catalog

CVE-2026-2891

HighCVSS 8.2
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

17th percentile — higher than 17% of all known CVEs

Summary

A vulnerability in Poly Voice IP devices (CCX, Trio, Edge E) may render them inoperable when connecting to a malicious SIP server and receiving malformed data. HP is releasing updates to mitigate this risk.

Risk Assessment

An attacker can remotely disable VoIP devices, causing voice communication outages and potential operational losses.

Recommendation

Immediately apply HP firmware updates for CCX, Trio, and Edge E models. Restrict trusted SIP connections to verified servers only.

Original NVD description (English source)

The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed data. HP is releasing updates to mitigate these potential vulnerabilities.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS