An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-11T00:00:00
Updated: 2024-08-02T10:20:31.404Z
Reserved: 2023-01-11T00:00:00
Link: CVE-2023-22957
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-11T20:15:14.787
Modified: 2023-08-22T16:45:55.407
Link: CVE-2023-22957
Redhat
No data.