Grandstream posted this today…

A security vulnerability has recently been discovered in the UCM series IP PBX firmware version 1.0.14.23 or older. We highly recommend that any UCM customer upgrade their firmware version to 1.0.14.24 or 1.0.15.13 as soon as possible in order to install a permanent fix to this issue.

The security vulnerability affects the UCM6100 series, UCM6200 series, and UCM6510. For more information on the details behind the security issue please read the special security bulletin below.

Grandstream Security Bulletin GS17-003

To upgrade your firmware, please visit the firmware page below and install either 1.0.14.24 (official release) or 1.0.15.13 (currently a beta release).

Grandstream Firmware Page

If you are not familiar with how to upgrade the firmware, please see below for a link to each UCM series user manual:

UCM6100 User Manualpage 349

UCM6200 User Manual page 336

UCM6510 User Manualpage 364

For additional support resources please see the options below. If you are opening a Help Desk ticket please be sure to log in with your ResellerConnect credentials to receive priority technical support.

Help Desk

Grandstream Forums

UCM Security Manual