Has anyone been able to perform an *authenticated* vulnerability scan of a CCX phone that is in Teams mode?

Teams mode doesn't seem to allow the SSH server to be enabled, unless I am missing something.

I would like to do an authenticated scan to examine for vulnerabilities in the operating system and installed software.  Similar to an authenticated scan of a Windows workstation or a Linux server.  Any suggestions on how to do this on a CCX phone are appreciated.

-Fred