Critical unauthenticated RCE vulnerability enables root access and call interception


CVE-2026-2329 in Grandstream phones allows unauthenticated remote code execution with root privileges, exposing voice communications to interception and enabling lateral network movement.

CVE-2026-2329, a stack-based buffer overflow in Grandstream GXP1600 VoIP phones with a CVSS score of 9.3, allows unauthenticated remote code execution and enables network pivoting.

BeyondTrust Remote Support appliances face active exploitation of a critical pre-authentication RCE vulnerability. Attackers achieve full system compromise without credentials.