An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.
Metrics
Affected Vendors & Products
References
History
Fri, 11 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Audiocodes Ltd
Audiocodes Ltd voip Phones |
|
CPEs | cpe:2.3:h:audiocodes_ltd:voip_phones:*:*:*:*:*:*:*:* | |
Vendors & Products |
Audiocodes Ltd
Audiocodes Ltd voip Phones |
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-08-11T00:00:00
Updated: 2024-10-10T15:48:38.248Z
Reserved: 2023-01-11T00:00:00
Link: CVE-2023-22957
Vulnrichment
Updated: 2024-08-02T10:20:31.404Z
NVD
Status : Modified
Published: 2023-08-11T20:15:14.787
Modified: 2024-11-21T07:45:43.357
Link: CVE-2023-22957
Redhat
No data.