15 matches found
EUVD-2015-8188
Malware in sbrugna...
EUVD-2019-2482
Malware in sbrugna...
Polycom BToE Connector 4.4.0.0 Buffer Overflow / Man-In-The-Middle
Microsoft® Lync™ Better Together over Ethernet BToE feature on Polycom® VVX® business media. phones enables you to control phone activity from your computer using your Lync client. The BToE feature enables you to place, answer, and hold audio and video calls from your Polycom VVX phone and your...
Authentication flaw
VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector BToE application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive information...
CVE-2019-10689
CVE-2019-10689 affects Polycom VVX family with UCS software ≤ 5.9.2 and Better Together over Ethernet Connector (BToE) ≤ 3.9.1. The root issue is insufficient authentication between the BToE application and the BToE component, which enables leakage of sensitive information. Public details in the ...
CVE-2019-10689
VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector BToE application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive information...
Hardcoded credentials
VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector BToE application 3.9.1, use hard-coded credentials to establish connections between the host application and the device...
CVE-2019-10688
VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector BToE application 3.9.1, use hard-coded credentials to establish connections between the host application and the device...
CVE-2019-10688
Summary: CVE-2019-10688 affects VVX (Polycom) devices running UCS 5.9.2 or earlier with Better Together over Ethernet Connector (BToE) 3.9.1. A hard-coded credential vulnerability enables connections between the host application and the device, enabling potential unauthorized access. The CVSS met...
Polycom BToE Connector Elevation of Privilege Vulnerability
Polycom BToE Connector is a BToE connector developed by Polycom. A security vulnerability exists in Polycom BToE Connector versions prior to 3.0.0, which originates from a program that assigns weak privileges to the x86\polycom\polycom btoe connector\plcmbtoesrv.exe program file. A local attacker...
Design/Logic Flaw
Polycom BToE Connector before 3.0.0 uses weak permissions Everyone: Full Control for "Program Files x86\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file...
CVE-2015-8300
Polycom BToE Connector before 3.0.0 uses weak permissions Everyone: Full Control for "Program Files x86\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file...
CVE-2015-8300
Polycom BToE Connector (pre-3.0.0) exposes weak permissions (Everyone: Full Control) on the file plcmbtoesrv.exe, enabling local privilege escalation via a Trojan horse/file replacement. Multiple sources corroborate that versions prior to 3.0.0 are affected; fixed in version 3.0.0 released March ...
CVE-2015-8300
Polycom BToE Connector before 3.0.0 uses weak permissions Everyone: Full Control for "Program Files x86\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file...
Polycom BTOE Connector 2.3.0 Local Privilege Escalation
Title: Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges. Type of vulnerability: Privilege Escalation Exploitation vector: local Attack outcome: Code execution with SYSTEM privileges. Impact: CVSS Base Score 6,2 CVSS v2...