High severity7.8NVD Advisory· Published Aug 11, 2023· Updated Jun 17, 2026
CVE-2023-22955
CVE-2023-22955
Description
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of firmware images only consists of simple checksum checks for different firmware components. Thus, by knowing how to calculate and where to store the required checksums for the flasher tool, an attacker is able to store malicious firmware.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- AudioCodes/VoIP desk phonesdescription
- Range: <=3.4.4.1000
Patches
Vulnerability mechanics
References
4- www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2022-055.txtnvdExploitVendor Advisory
- packetstormsecurity.com/files/174214/AudioCodes-VoIP-Phones-Insufficient-Firmware-Validation.htmlnvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2023/Aug/17nvdMailing ListThird Party Advisory
- syss.denvdNot Applicable
News mentions
0No linked articles in our index yet.