CVE-2023-30683

Name of the Vulnerable Software and Affected Versions Telecom versions prior to SMR Aug-2023 Release 1

Description The issue is related to improper access control, allowing local attackers to call the "endCall API" without permission. This can be exploited by attackers to potentially disrupt or manipulate call functionality.

Recommendations For versions prior to SMR Aug-2023 Release 1, consider restricting access to the "endCall API" until a patch is available. As a temporary workaround, disabling the API or limiting its functionality can help minimize the risk of exploitation.