2 matches found
CVE-2023-22955
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...
CVE-2023-22955
AudioCodes VoIP desk phones up to version 3.4.4.1000 are affected. The vulnerability stems from firmware-image validation that uses only simple checksums, enabling an attacker who can influence the flasher tool to inject malicious firmware. Root cause: insufficient validation allowing firmware ta...