Chris Watts - Tech Analysis Finds Unauthenticated Remote Dial Vulnerability CVE-2015-0670.

Congratulations to Chris for continued efforts in making communications a bit safer.

Cisco Small Business SPA 300 and 500 Series IP phones contain a vulnerability that allows an unauthenticated, remote attacker to listen to a remote audio stream from an affected device or to gain access to make phone calls remotely. A successful exploit could be used to conduct further attacks.