CVE-2023-22957

An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://packetstormsecurity.com/files/174215/AudioCodes-VoIP-Phones-Hardcoded-Key.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2023/Aug/15	Exploit Mailing List Third Party Advisory
https://syss.de	Not Applicable
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-052.txt	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:audiocodes:c470hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:c470hd_firmware:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:h:audiocodes:c455hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:c455hd_firmware:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:h:audiocodes:c435hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:c435hd_firmware:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:h:audiocodes:445hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:445hd_firmware:*:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:h:audiocodes:405hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:405hd_firmware:*:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:h:audiocodes:c450hd:-:*:*:*:*:*:*:*

cpe:2.3:o:audiocodes:c450hd_firmware:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-08-11 20:15

Updated : 2023-08-22 16:45

NVD link : CVE-2023-22957

Mitre link : CVE-2023-22957

CVE.ORG link : CVE-2023-22957

JSON object : View

Products Affected

audiocodes

c470hd_firmware
c470hd
c435hd_firmware
c450hd_firmware
405hd_firmware
405hd
c435hd
c450hd
445hd_firmware
c455hd_firmware
c455hd
445hd

CWE

CWE-798

Use of Hard-coded Credentials

{"id": "CVE-2023-22957", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-08-11T20:15:14.787", "references": [{"url": "http://packetstormsecurity.com/files/174215/AudioCodes-VoIP-Phones-Hardcoded-Key.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://seclists.org/fulldisclosure/2023/Aug/15", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://syss.de", "tags": ["Not Applicable"], "source": "cve@mitre.org"}, {"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-052.txt", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of hard-coded cryptographic key, an attacker with access to backup or configuration files is able to decrypt encrypted values and retrieve sensitive information, e.g., the device root password."}], "lastModified": "2023-08-22T16:45:55.407", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:c470hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "775A2A42-B3C2-454E-9677-22512DA3A17E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:c470hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AD6593B-6088-4EBB-899E-42142251874E", "versionEndIncluding": "3.4.4.1000"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:c455hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "58D3A875-ADA0-4126-AE7F-3A27F6ECC6B9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:c455hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B673481-C80C-4C76-968A-034303233827", "versionEndIncluding": "3.4.4.1000"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:c435hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "054FD690-9C40-4ADA-910A-1E18D7F5E7E4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:c435hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B52B0A3-52A7-4E10-B054-201A2E2D37CF", "versionEndIncluding": "3.4.4.1000"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:445hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF916875-0CAB-4185-8466-887DF7B78A7D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:445hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5E811CB-FDDD-4E7A-94AD-AD0EBA5F521F", "versionEndIncluding": "3.4.4.1000"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:405hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "67577D7D-EFCD-4CC1-8492-39D36817BAC8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:405hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A71440BE-ABF8-4DED-B211-94C9812B51E3", "versionEndIncluding": "3.4.4.1000"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:audiocodes:c450hd:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "64EFD9E4-D694-43E2-88A5-8FB7431C5B98"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:audiocodes:c450hd_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B3A5439-56D9-4E8D-A52B-EDBFA72BD3CB", "versionEndIncluding": "3.4.4.1000"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}