PT-2023-18195 · Unknown · Telephonyui
Published
2023-02-09
·
Updated
2023-02-21
·
CVE-2023-21428
CVSS v3.1
4.0
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
TelephonyUI versions prior to SMR Jan-2023 Release 1
Description
The issue is related to improper input validation in TelephonyUI, allowing attackers to configure Preferred Call. The patch for this issue removes unused code.
Recommendations
For versions prior to SMR Jan-2023 Release 1, update to SMR Jan-2023 Release 1 or later to resolve the issue.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Telephonyui