CVE-2023-0343

Summary

Akuvox E11 contains a function that encrypts messages which are then forwarded. The IV vector and the key are static, and this may allow an attacker to decrypt messages.

Affected Software

VendorProductVersion RangeStatus
AkuvoxE11Allaffected

Weaknesses

  • CWE-329 Generation of Predictable IV with CBC

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References