Physical Access Vulnerability: Unauthorized Factory Reset on Pingtel Xpressa SIP-based VoIP Phone

Physical Access Vulnerability: Unauthorized Factory Reset on Pingtel Xpressa SIP-based VoIP Phone

CVE-2002-0672 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 allows attackers with physical access to restore the phone to factory defaults without authentication via a menu option, which sets the administrator password to null.

Learn more about our Physical Security Assessment.