admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2023/22xxx/CVE-2023-22955.json
CVE Team 52c7165ad8
"-Synchronized-Data."
2023-08-17 19:00:34 +00:00

77 lines
2.7 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-22955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://syss.de",
"refsource": "MISC",
"name": "https://syss.de"
},
{
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-055.txt",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-055.txt"
},
{
"refsource": "FULLDISC",
"name": "20230815 Missing Immutable Root of Trust in Hardware (CWE-1326) / CVE-2023-22955",
"url": "http://seclists.org/fulldisclosure/2023/Aug/17"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/174214/AudioCodes-VoIP-Phones-Insufficient-Firmware-Validation.html",
"url": "http://packetstormsecurity.com/files/174214/AudioCodes-VoIP-Phones-Insufficient-Firmware-Validation.html"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink