Browse all 8 CVE security advisories affecting Poly. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Poly is a video conferencing and communication platform primarily used for business meetings and remote collaboration. Historically, it has been susceptible to multiple remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 8 CVEs documented. Security researchers have identified authentication bypass flaws and insecure default configurations as recurring issues. In 2022, a critical RCE vulnerability (CVE-2022-24112) allowed unauthenticated attackers to execute arbitrary code on affected systems. The platform's complex attack surface and frequent updates contribute to ongoing security challenges, requiring organizations to maintain rigorous patch management and network segmentation to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-4466 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 Web Interface protection mechanism — CCX 400CWE-693 | 2.7 | Low | 2023-12-29 |
| CVE-2023-4463 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 HTTP Header denial of service — CCX 400CWE-404 | 5.3 | Medium | 2023-12-29 |
This page lists every published CVE security advisory associated with Poly. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.