CVE-2023-4467

A vulnerability was found in Poly Trio 8800 7.2.6.0019 and classified as critical. Affected by this issue is some unknown functionality of the component Test Automation Mode. The manipulation leads to backdoor. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249260.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:poly:trio_8800_firmware:7.2.6.0019:*:*:*:*:*:*:*
cpe:2.3:h:poly:trio_8800:-:*:*:*:*:*:*:*

History

09 Jan 2024, 17:15

Type Values Removed Values Added
References
  • {'url': 'https://modzero.com/en/advisories/mz-23-01-poly-voip-devices/', 'name': 'https://modzero.com/en/advisories/mz-23-01-poly-voip-devices/', 'tags': ['Broken Link'], 'refsource': ''}
  • () https://modzero.com/en/advisories/mz-23-01-poly-voip/ -
  • () https://github.com/modzero/MZ-23-01-Poly-VoIP-Devices -

05 Jan 2024, 17:34

Type Values Removed Values Added
First Time Poly trio 8800
Poly trio 8800 Firmware
Poly
CPE cpe:2.3:o:poly:trio_8800_firmware:7.2.6.0019:*:*:*:*:*:*:*
cpe:2.3:h:poly:trio_8800:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.6
References () https://vuldb.com/?id.249260 - () https://vuldb.com/?id.249260 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?ctiid.249260 - () https://vuldb.com/?ctiid.249260 - Permissions Required, Third Party Advisory, VDB Entry
References () https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11919.html - () https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11919.html - Not Applicable
References () https://modzero.com/en/advisories/mz-23-01-poly-voip-devices/ - () https://modzero.com/en/advisories/mz-23-01-poly-voip-devices/ - Broken Link

29 Dec 2023, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-29 10:15

Updated : 2024-05-17 02:31


NVD link : CVE-2023-4467

Mitre link : CVE-2023-4467

CVE.ORG link : CVE-2023-4467


JSON object : View

Products Affected

poly

  • trio_8800
  • trio_8800_firmware
CWE
CWE-912

Hidden Functionality