Impact
A vulnerability was detected in Yealink SIP‑T46U firmware 108.86.0.118, targeting the mod_upgrade.SparePartsUpload routine within the /api/upgrade/accupgradebychunk endpoint of the Firmware Chunk Upload handler. By manipulating the uid argument, an attacker can trigger a stack‑based buffer overflow, which corrupts the stack and allows arbitrary code execution or privilege escalation on the device. This exploit requires local network access, has been publicly disclosed, and Yealink is developing a patch.
Affected Systems
The vulnerability affects Yealink SIP‑T46U units running firmware version 108.86.0.118. No other versions or related Yealink products are listed as impacted in the current data.
Risk and Exploitability
The CVSS a high severity; the attack requires local network access and relies on the target device processing a crafted request to the vulnerable endpoint. The EPSS score is < 1% (0.00371), and the flaw is not listed in CISA KEV. Because the exploit is publicly disclosed, an attacker with local network presence could initiate the overflow, resulting in potentially full device compromise.
OpenCVE Enrichment