CVE-2023-42717
CVE-2023-42717
In short
A telephony service fails to properly check user permissions, allowing someone to access sensitive information remotely without needing special privileges.
Technical detail
Missing permission validation in a telephony service enables unauthenticated or low-privileged remote attackers to access restricted information disclosure. The vulnerability requires network access to the service but no privilege escalation; the absence of authorization checks allows information leakage.
Summary generated and translated by AI from the official description.
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed
Affected products
Unisoc (Shanghai) Technologies Co., Ltd. · SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →