CVE-2024-9579
EUVD-2024-5003205.11.2024, 17:15
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| hp | poly_tc8_firmware | 𝑥 < 6.3.2 |
| hp | poly_tc10_firmware | 𝑥 < 6.3.2 |
| hp | poly_studio_g7500_firmware | 𝑥 < 4.3.2 |
| hp | poly_studio_x30_firmware | 𝑥 ≤ 4.3.2 |
| hp | poly_studio_x50_firmware | 𝑥 < 4.3.2 |
| hp | poly_studio_x70_firmware | 𝑥 < 4.3.2 |
| hp | poly_studio_x52_firmware | 𝑥 < 4.3.2 |
| hp | poly_studio_g62_firmware | 𝑥 < 4.3.2 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| poly | tc8_firmware | 𝑥 < 6.3.2 | ADP |
| poly | tc10_firmware | 𝑥 < 6.3.2 | ADP |
| poly | g7500_firmware | 𝑥 < 4.3.2 | ADP |
| poly | studio_x30_firmware | 𝑥 < 4.3.2 | ADP |
| poly | studio_x50_firmware | 𝑥 < 4.3.2 | ADP |
| poly | studio_x70_firmware | 𝑥 < 4.3.2 | ADP |
| poly | studio_x52_firmware | 𝑥 < 4.3.2 | ADP |
| poly | studio_g62_firmware | 𝑥 < 4.3.2 | ADP |