CVE-2023-4464
CVSS 3.1 Score 7.2 of 10 (high)
Details
Published Dec 29, 2023
Updated: May 17, 2024
CWE ID 78
Summary
CVE-2023-4464 is a critical vulnerability that affects multiple Poly Technologies IP phones, including Trio 8300, Trio 8500, and VVX series. The issue lies in the Diagnostic Telnet Mode component, which can be exploited through unknown processing to inject OS commands. Attacks can be initiated remotely, and the exploit has been made public. The identifier VDB-249257 was assigned to this vulnerability, and upgrading the affected component is recommended to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share