Explore the world of VoIP phone vulnerabilities in this 41-minute conference talk from the 44CON Information Security Conference. Dive into past projects and future prospects before examining the architecture and attack targets of VoIP systems. Learn about firmware access techniques, including SPI, UART, and bootloader examples. Discover various emulation approaches and firmware vulnerabilities, such as null pointer dereference and web-based findings. Investigate command injection techniques, password bypass methods, and stack-based buffer overflows in ARM devices. Gain insights into exploit development challenges, device overviews, and vulnerability assessments. Conclude with valuable recommendations for users, administrators, and developers, as well as key lessons learned in VoIP security.