CVE-2023-4466
CVSS 3.1 Score 4.9 of 10 (medium)
Details
Summary
CVE-2023-4466 is a newly disclosed vulnerability affecting Poly CCX 400, CCX 600, Trio 8800, and Trio C60. The weakness lies in an unknown functionality of the Web Interface component, resulting in protection mechanism failure. This issue can be exploited remotely. However, the vendor, Poly, does not consider it a vulnerability, as they offer custom firmware builds to meet various customer requirements. To mitigate roll-back attacks, they have removed affected builds from public servers. Despite this, the exploit has been made public, increasing the risk for potential attacks.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.