Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-48625 | 1 Yealink | 1 Configuration Encryption Tool | 2025-08-26 | N/A | 7.5 HIGH |
| Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk of decryption by an adversary. | |||||
| CVE-2024-24681 | 1 Yealink | 1 Configuration Encryption Tool | 2025-03-25 | N/A | 9.8 CRITICAL |
| An issue was discovered in Yealink Configuration Encrypt Tool (AES version) and Yealink Configuration Encrypt Tool (RSA version before 1.2). There is a single hardcoded key (used to encrypt provisioning documents) across customers' installations. | |||||