CVE-2023-22956
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2023-22956 is a high-severity vulnerability discovered in AudioCodes VoIP desk phones through version 3.4.4.1000. This vulnerability allows an attacker to decrypt encrypted configuration files and gain access to sensitive information due to the use of a hard-coded cryptographic key. The affected products include tzul5B, tzul5D, tzul5F, tzul5H, Z3R9lW, tzul49, and tzul4_. The risk score for this vulnerability is 26, with a base severity of HIGH and a base score of 7.5 according to [email protected]. No user interaction or privileges are required for exploitation, and the attack vector is through the network. The confidentiality impact is rated as HIGH while integrity impact is NONE and availability impact is NONE. Remediation steps are not provided in the provided information.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.