These phones are basically little computers. If an attacker can take control of it, they can do the same things from it that they could by using a rogue or compromised system on a network. The “eavesdropping mic” is just one of many ways the compromised phone could be used.
Yup, there is a demo out there of someone taking over a Cisco IP phone because basically it’s a computer. Even better, it’s a computer that allows privilege escalation via a kernel exploit if someone has access to the phone. Of course Lonervamp brings up one of the key issues, which is exfiltration. So if someone can eavesdrop on my very interesting heavy breathing during my deep research endeavors, they still have to get the data off the phone and out of the network. Remember back to Rich’s awesome data breach triangle. No exfiltration, no breach for you (in my Soup Nazi voice).
But all the same, folks just plug stuff into their networks without a lot of thought for how these devices can become weapons against them. At some point they will, or not.