CVE-2023-4466

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Dec 29, 2023
Updated: May 17, 2024
CWE ID 693

Summary

CVE-2023-4466 is a newly disclosed vulnerability affecting Poly CCX 400, CCX 600, Trio 8800, and Trio C60. The weakness lies in an unknown functionality of the Web Interface component, resulting in protection mechanism failure. This issue can be exploited remotely. However, the vendor, Poly, does not consider it a vulnerability, as they offer custom firmware builds to meet various customer requirements. To mitigate roll-back attacks, they have removed affected builds from public servers. Despite this, the exploit has been made public, increasing the risk for potential attacks.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share