Vulnerability Details CVE-2019-20032
An attacker with access to an InMail voicemail box equipped with the find me/follow me feature on Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices, may access the system's administration modem.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
Products affected by CVE-2019-20032
-
cpe:2.3:h:nec:sl1100:-
-
cpe:2.3:h:nec:sl2100:-
-
cpe:2.3:h:nec:sv8100:-
-
cpe:2.3:h:nec:sv9100:-
-
cpe:2.3:o:nec:sl1100_firmware:-
-
cpe:2.3:o:nec:sl1100_firmware:7.0
-
cpe:2.3:o:nec:sl2100_firmware:-
-
cpe:2.3:o:nec:sl2100_firmware:7.0
-
cpe:2.3:o:nec:sv8100_firmware:-
-
cpe:2.3:o:nec:sv8100_firmware:7.0
-
cpe:2.3:o:nec:sv9100_firmware:-
-
cpe:2.3:o:nec:sv9100_firmware:6.0
-
cpe:2.3:o:nec:sv9100_firmware:7.0