Security Center

To contact the Polycom Product Security Office (PSO) or to report a product security issue, please email security@polycom.com.

Date	ID #	Title
04-26-19	Security Advisory Version 1.0	Multiple Vulnerabilities in HDX Products Older than 3.1.14
04-22-19	Security Advisory Version 1.0	Hard Coded Credentials Vulnerability in VVX Products
02-20-19	Security Bulletin Version 1.0	HDX (versions older than 3.1.13) can be affected by multiple Botnets
01-24-19	Security Advisory Version 1.1	Cyber Threats Targeting Default Passwords
11-30-18	Security Bulletin Version 1.1	TLS 1.2 and Microsoft O365 Impacts to Polycom Products
11-05-18	Security Bulletin Version 1.0	Bluetooth Authentication Weakness Found in Trio
11-05-18	Security Bulletin Version 1.0	Stored Cross-Site Scripting Found in Trio
11-01-18	Security Bulletin Version 1.0	Remote Code Execution Vulnerability Found in Group Series
08-30-18	Security Bulletin Version 1.5	Worldwide H.323 and SIP Botnet Calling Video Systems
08-10-18	Security Bulletin Version 1.1	HDX SoftwareVersions Older than 3.1.12 and Omni Botnet
07-12-18	Security Advisory Version 1.9	Processor Based "Speculative Execution" Vulnerabilities AKA "Spectre" and "Meltdown" on Polycom Products
07-11-18	Security Advisory Version 1.2	Vulnerabilities in Polycom VVX Phones and UC Software
07-03-18	Security Advisory Version 1.0	Polycom UCS Software Vulnerabilities
06-26-18	Security Advisory Version 1.1	RealPresence Web Suite Vulnerability
05-10-18	Security Advisory Version 1.0	RealPresence Debut Vulnerabilities
03-05-18	Security Advisory Version 1.0	QDX 6000 Vulnerabilities
12-20-17	Security Advisory Version 1.2	"Krack" Vulnerability with Polycom Products
11-24-17	Security Advisory Version 1.2	Remote Code Execution on HDX Endpoints
10-18-17	Security Advisory Version 1.1	BlueBorne Bluetooth Vulnerabilities
08-28-17	Security Advisory Version 1.0	Information Disclosure on Multiple Polycom Products
08-11-17	Security Bulletin Version 1.1	WannaCry Vulnerability and Polycom Products
06-14-17	Security Bulletin Version 1.0	Relating to CVE-2017-7494 "SambaCry" Vulnerability and Polycom Products
03-22-17	Security Bulletin Version 1.0	Relating to CVE-2017-5638 "Apache Struts" Vulnerability and Polycom Products
10-26-16	Security Advisory Version 1.1	Relating to CVE-2016-5195 "Dirty COW" Vulnerability
09-20-16	Security Advisory Version 2.0	Relating to a Cross-site Scripting (XSS) Vulnerability in Polycom HDX Video Endpoints
09-13-16	Security Advisory Version 1.0	Relating to an XML External Entity (XXE) Vulnerability in Polycom HDX Video Endpoints)
04-06-16	Security Advisory Version 1.2	Relating to a GNU glibc DNS Vulnerability (CVE-2015-7547)
03-08-16	Security Bulletin Version 1.0	Relating to CVE-2016-0800 “DROWN” Vulnerability and Polycom Products
02-09-16	Security Office Update 2.0	Security Update Relating to H.323 and SIP AES Media Encryption on Polycom Products
12-16-15	Security Advisory Version 1.0	Relating to RealPresence Capture Server and RealPresence Media Suite Appliance Editions
12-09-15	Security Advisory Version 1.0	Relating to Path Traversal Vulnerabilities in Polycom VVX Business Media Phones
12-09-15	Security Bulletin Version 1.0	Polycom Recommended Best Security Practices for Unified Communications
10-23-15	Security Advisory Version 2.0	Relating to GHOST glibc Vulnerability
10-23-15	Security Advisory Version 1.6.1	Relating to Logjam Vulnerability
06-29-15	Security Bulletin Version 1.0	RealPresence Resource Manager 8.4 security fixes summary
06-23-15	Security Advisory Version 1.0	Relating to Command Shell Vulnerability in Polycom Group Series Video Endpoints
06-23-15	Security Advisory Version 1.0	Relating to Inadequate SSH Restrictions Vulnerability in Polycom Group Series Video Endpoints
06-23-15	Security Advisory Version 1.0	Relating to Software Update Vulnerability in Polycom Group Series Video Endpoints
06-23-15	Security Advisory Version 1.0	Relating to Weak Entropy Vulnerability in Polycom Group Series Video Endpoints Web Cookies
06-17-15	Security Bulletin Version 1.0	Relating to "Tomcat Denial of Service"
06-15-15	Security Bulletin Version 1.0	Relating to Leap Second Insertion
04-20-15	Security Bulletin Version 1.6	Relating to SSLv3 "POODLE" Vulnerability and Polycom Products
10-24-14	Security Advisory Version 1.7	Relating to Bash shell arbitrary code execution on Various Polycom Products
10-06-14	Security Bulletin Version 1.2	Relating to Multiple OpenSSL Vulnerabilities on Various Polycom Products
06-05-14	Security Advisory Version 1.12	Relating to OpenSSL Vulnerability “Heartbleed” on Various Polycom Products
12-20-13	Security Bulletin 5471	Relating to JBoss Application Server on RealPresence Resource Manager
03-14-13	Security Bulletin 102404	Security Advisory relating to telnet shell authorization bypass on Polycom HDX Video Endpoints
03-14-13	Security Bulletin 107522	Security Advisory Relating to the Firmware Update Command Injection Vulnerability on Polycom HDX Video Endpoints
03-14-13	Security Bulletin 107523	Security Advisory Relating to the Command Shell Vulnerability on Polycom HDX Video Endpoints
03-14-13	Security Bulletin 107524	Security Advisory Relating to the H.323 Format String Vulnerability on Polycom HDX Video Endpoints
03-14-13	Security Bulletin 107525	Security Advisory Relating to the H.323 CDR Database SQL Injection on Polycom HDX Video Endpoints
03-14-13	Security Bulletin 107526	Security Advisory Relating to the PUP File Header MAC Signature Bypass on Polycom HDX Video Endpoints