Cyber Security News

Critical Grandstream Phone Vulnerability Exposes Calls to Interception

CybersecurityNews
Critical Grandstream Phone Vulnerability Exposes Calls to Interception

A critical stack-based buffer overflow in Grandstream GXP1600 phones (CVE-2026-2329) can allow unauthenticated attackers to execute code as root and intercept calls. Rapid7 reported the flaw and Grandstream issued a firmware patch (1.0.7.81), though exploitation requires skill. #Grandstream #CVE2026-2329

Keypoints

  • CVE-2026-2329 is a stack-based buffer overflow enabling unauthenticated remote code execution as root on GXP1600 phones.
  • An attacker can extract local and SIP account credentials to enable silent call interception and eavesdropping.
  • With root access, an adversary can repoint SIP settings to their infrastructure while the phone appears to function normally.
  • Rapid7 disclosed technical details and Grandstream released firmware 1.0.7.81 to remediate the issue within about a week.
  • Exploitation requires knowledge and skill, but the vulnerability lowers the barrier for attacks and devices have previously been targeted.

Read More: https://www.securityweek.com/critical-grandstream-phone-vulnerability-exposes-calls-to-interception/