High severity8.8NVD Advisory· Published Aug 25, 2017· Updated May 13, 2026

CVE-2017-12857

Description

Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a segment of the phone's memory which could contain an administrator's password or other sensitive information.

Affected products

Polycom/Unified Communications Software
cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*
Range: <=4.0.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-information-disclosure-on-polycom-voice-products-v1.0.pdfnvdMitigationVendor Advisory
www.securitytracker.com/id/1039309nvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000