An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware.
Metrics
Affected Vendors & Products
References
History
Thu, 10 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Audiocodes Ltd
Audiocodes Ltd voip Phones |
|
CPEs | cpe:2.3:h:audiocodes_ltd:voip_phones:*:*:*:*:*:*:*:* | |
Vendors & Products |
Audiocodes Ltd
Audiocodes Ltd voip Phones |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-11T00:00:00
Updated: 2024-10-10T14:32:58.889Z
Reserved: 2023-01-11T00:00:00
Link: CVE-2023-22955
Vulnrichment
Updated: 2024-08-02T10:20:31.435Z
NVD
Status : Modified
Published: 2023-08-11T20:15:14.607
Modified: 2024-11-21T07:45:43.033
Link: CVE-2023-22955
Redhat
No data.