Lucene search
K

20 matches found

OSV
OSV
added 2025/10/15 5:15 p.m.7 views

CVE-2025-20350

A vulnerability in the web UI of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to a buffer overflow...

7.5CVSS6.1AI score0.00446EPSS
Exploits0References1
CVE
CVE
added 2025/10/15 4:15 p.m.18 views

CVE-2025-20350

CVE-2025-20350 affects Cisco Desk Phone 9800 Series, Cisco IP Phone 7800/8800 Series, and Cisco Video Phone 8875 running Cisco SIP Software. The issue is a stack/heap buffer overflow when the device processes HTTP input in the web UI, leading to a DoS where the device reloads. Exploitation requir...

7.5CVSS6.9AI score0.00446EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2015-8139

Malware in sbrugna...

5.9CVSS6.6AI score0.0131EPSS
Exploits0References5
OSV
OSV
added 2025/09/03 6:15 p.m.3 views

CVE-2025-20336

A vulnerability in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 could allow an unauthenticated, remote attacker to access sensitive information on an affected device. This vulnerability exists because the product expose...

7.5CVSS5.8AI score
Exploits0References1
The Hacker News
The Hacker News
added 2023/08/12 11:34 a.m.36 views

Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping

Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning ZTP that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s des...

7.5AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/08/11 8:15 p.m.2 views

CVE-2023-22955

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...

7.8CVSS7.1AI score0.003EPSS
Exploits2References5
OSV
OSV
added 2023/08/11 8:15 p.m.5 views

CVE-2023-22955

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...

7.8CVSS5.8AI score0.003EPSS
Exploits2References4
OSV
OSV
added 2023/08/11 8:15 p.m.4 views

CVE-2023-22956

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information...

7.5CVSS5.8AI score0.01131EPSS
Exploits2References4
Prion
Prion
added 2023/08/11 8:15 p.m.31 views

Hardcoded credentials

An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...

5CVSS7.5AI score0.01131EPSS
Exploits2References4Affected Software6
Prion
Prion
added 2023/08/11 8:15 p.m.22 views

Design/Logic Flaw

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...

4.3CVSS7.6AI score0.003EPSS
Exploits2References4Affected Software6
Cvelist
Cvelist
added 2023/08/11 12:0 a.m.39 views

CVE-2023-22957

An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...

7.7AI score0.01131EPSS
Exploits2References4
CVE
CVE
added 2023/08/11 12:0 a.m.47 views

CVE-2023-22956

CVE-2023-22956 – AudioCodes VoIP desk phones are affected up to firmware 3.4.4.1000. The root cause is the use of a hard-coded cryptographic key, enabling an attacker to decrypt encrypted configuration files and retrieve sensitive information. Evidence from multiple sources confirms the issue and...

7.5CVSS7.4AI score0.01131EPSS
Exploits2References4Affected Software1
Cvelist
Cvelist
added 2023/08/11 12:0 a.m.30 views

CVE-2023-22956

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a hard-coded cryptographic key, an attacker is able to decrypt encrypted configuration files and retrieve sensitive information...

7.7AI score0.01131EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/08/11 12:0 a.m.4 views

AudioCodes VoIP Trust Management Issues Vulnerability

AudioCodes VoIP is a series of desk phones from the Israeli company AudioCodes. A security vulnerability exists in AudioCodes VoIP desk phones version 3.4.4.1000 and earlier versions, which stems from the use of hard-coded keys in libacdes3.so...

7.5CVSS6.7AI score0.01131EPSS
Exploits2References5
Vulnrichment
Vulnrichment
added 2023/08/11 12:0 a.m.13 views

CVE-2023-22957

An issue was discovered in libacdes3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root passwor...

6.8AI score0.01131EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/08/11 12:0 a.m.32 views

CVE-2023-22955

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is...

7.8AI score0.003EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2023/08/11 12:0 a.m.4 views

PT-2023-18796 · Audiocodes · Audiocodes Voip Desk Phones

Name of the Vulnerable Software and Affected Versions: AudioCodes VoIP desk phones versions through 3.4.4.1000 Description: An issue was discovered where the validation of firmware images only consists of simple checksum checks for different firmware components. This allows an attacker, by knowin...

7.8CVSS7.5AI score0.003EPSS
Exploits2References11
CVE
CVE
added 2023/08/11 12:0 a.m.67 views

CVE-2023-22957

The CVE-2023-22957 issue affects AudioCodes VoIP desk phones (libac_des3.so) through firmware up to 3.4.4.1000. The root cause is a hard-coded cryptographic key, enabling an attacker with access to backups or configuration files to decrypt encrypted values and retrieve sensitive information (e.g....

7.5CVSS7.5AI score0.01131EPSS
Exploits2References4Affected Software1
CVE
CVE
added 2023/08/11 12:0 a.m.42 views

CVE-2023-22955

AudioCodes VoIP desk phones up to version 3.4.4.1000 are affected. The vulnerability stems from firmware-image validation that uses only simple checksums, enabling an attacker who can influence the flasher tool to inject malicious firmware. Root cause: insufficient validation allowing firmware ta...

7.8CVSS7.5AI score0.003EPSS
Exploits2References4Affected Software1
Wired Threat Level
Wired Threat Level
added 2020/02/05 4:56 p.m.36 views

Cisco Flaws Put Millions of Workplace Devices at Risk

Five vulnerabilities in Cisco Discovery Protocol make it possible for a hacker to take over desk phones, routers, and more...

3.5AI score
Exploits0
Rows per page
Query Builder