An issue exists in libac_des3.so on AudioCodes VoIP desk phones up to and including 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
audiocodes c470hd_firmware |
||
audiocodes c455hd_firmware |
||
audiocodes c435hd_firmware |
||
audiocodes 445hd_firmware |
||
audiocodes 405hd_firmware |
||
audiocodes c450hd_firmware |