CVE-2023-30024
- Reference to the description:
- Description:
- The MagicJack device, a VoIP solution for internet phone calls, contains a hidden NAND flash memory partition allowing unauthorized read/write access. Attackers can exploit this by replacing the original software with a malicious version, leading to ransomware deployment on the host computer. Affected devices have firmware versions prior to magicJack A921 USB Phone Jack Rev 3.0 V1.4.
- Last updated date:
- 05/12/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 05/10/2023
- Reference url to background
https://drive.google.com/drive/folders/1cKd8hksThK610GPtBQ3du8DEkwKywlAi?usp=sharing
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 05/10/2023
- Reference url to background
https://samuraisecurity.co.uk/red-teaming-0x01-click-rce-via-voip-usb/