PT-2025-5979 · Audiocodes · Audiocodes Mediant Session Border Controller

Moritz Abrell

Published

2025-02-07

Updated

2025-02-07

CVE-2024-52884

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions AudioCodes Mediant Session Border Controller (SBC) versions prior to 7.40A.501.841

Description An issue was discovered due to the use of weak password obfuscation/encryption. An attacker with access to configuration exports (INI) is able to decrypt the passwords.

Recommendations For versions prior to 7.40A.501.841, update to version 7.40A.501.841 or later to resolve the issue. As a temporary workaround, consider restricting access to configuration exports (INI) to minimize the risk of exploitation.

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327

Related Identifiers

CVE-2024-52884

Affected Products

Audiocodes Mediant Session Border Controller

PT-2025-5979 · Audiocodes · Audiocodes Mediant Session Border Controller

CVE-2024-52884

Weakness Enumeration

Related Identifiers

Affected Products

References · 7