An issue exists in libac_des3.so on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
audiocodes c470hd firmware |
||
audiocodes c455hd firmware |
||
audiocodes c435hd firmware |
||
audiocodes 445hd firmware |
||
audiocodes 405hd firmware |
||
audiocodes c450hd firmware |