CVE Vulnerabilities

CVE-2023-29059

Published: Mar 30, 2023 | Modified: Apr 10, 2023
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application.

Affected Software

Name Vendor Start Version End Version
3cx 3cx 18.11.1213 18.11.1213
3cx 3cx 18.12.402 18.12.402
3cx 3cx 18.12.407 18.12.407
3cx 3cx 18.12.407 18.12.407
3cx 3cx 18.12.416 18.12.416
3cx 3cx 18.12.416 18.12.416

References