Security Advisory

CVE-2024-29149

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-07 00:00:00

Last updated 2024-08-02 01:10:53

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Alcatel-Lucent ALE NOE deskphones through 86x8_NOE-R300.1.40.12.4180 and SIP deskphones through 86x8_SIP-R200.1.01.10.728. Because of a time-of-check time-of-use vulnerability, an authenticated attacker is able to replace the verified firmware image with malicious firmware during the update process.

← Browse all CVEs View on cve.org ↗