The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ability to collect audio to generate deepfakes.