Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold

Rapid7 disclosed CVE-2026-0826, a critical unauthenticated stack-buffer overflow in SDP parsing on HP Poly VVX and Trio VoIP phones that enables remote root RCE via specially crafted SIP INVITE messages containing oversized ICE candidate attributes; the report details memory corruption, practical ROP bypass of NX, affected models/firmware, and recommends disabling ICE and applying vendor patches.