CVE-2023-39293
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Aug 14, 2023
Updated: Aug 21, 2023
CWE ID 77
Summary
CVE-2023-39293 is a critical Command Injection vulnerability affecting the MiVoice Office 400 SMB Controller versions prior to 1.2.5.24. This issue allows malicious actors to inject and execute arbitrary commands within the system context, potentially leading to serious security compromises. Successful exploitation could result in unauthorized access, data theft, or system damage. Users are strongly urged to update their controllers to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Mitel Networks