PT-2023-18240 · Unknown · Telephony Framework

Clément Lecigne

·

Publicado

2023-05-04

·

Atualizado

2023-05-10

·

CVE-2023-21487

CVSS v3.1

5.1

Média

VetorAV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Name of the Vulnerable Software and Affected Versions Telephony framework versions prior to SMR May-2023 Release 1
Description The issue is related to improper access control in the Telephony framework, allowing local attackers to modify call settings.
Recommendations For versions prior to SMR May-2023 Release 1, update to the SMR May-2023 Release 1 or later to resolve the issue.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2023-21487

Produtos afetados

Telephony Framework