Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-27362

3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 3CX. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-20026.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.9%
CVSS Severity
CVSS v3 Score 7.0
Products affected by CVE-2023-27362
  • 3cx » 3cx » Version: 18.0.0.1029
    cpe:2.3:a:3cx:3cx:18.0.0.1029
  • 3cx » 3cx » Version: 18.0.0.1142
    cpe:2.3:a:3cx:3cx:18.0.0.1142
  • 3cx » 3cx » Version: 18.0.0.1379
    cpe:2.3:a:3cx:3cx:18.0.0.1379
  • 3cx » 3cx » Version: 18.0.0.1608
    cpe:2.3:a:3cx:3cx:18.0.0.1608
  • 3cx » 3cx » Version: 18.0.0.1849
    cpe:2.3:a:3cx:3cx:18.0.0.1849
  • 3cx » 3cx » Version: 18.0.0.1863
    cpe:2.3:a:3cx:3cx:18.0.0.1863
  • 3cx » 3cx » Version: 18.0.0.1865
    cpe:2.3:a:3cx:3cx:18.0.0.1865
  • 3cx » 3cx » Version: 18.0.0.1871
    cpe:2.3:a:3cx:3cx:18.0.0.1871
  • 3cx » 3cx » Version: 18.0.0.1880
    cpe:2.3:a:3cx:3cx:18.0.0.1880
  • 3cx » 3cx » Version: 18.0.0.451
    cpe:2.3:a:3cx:3cx:18.0.0.451
  • 3cx » 3cx » Version: 18.0.1.214
    cpe:2.3:a:3cx:3cx:18.0.1.214
  • 3cx » 3cx » Version: 18.0.1.226
    cpe:2.3:a:3cx:3cx:18.0.1.226
  • 3cx » 3cx » Version: 18.0.1.234
    cpe:2.3:a:3cx:3cx:18.0.1.234
  • 3cx » 3cx » Version: 18.0.1.237
    cpe:2.3:a:3cx:3cx:18.0.1.237
  • 3cx » 3cx » Version: 18.0.2.302
    cpe:2.3:a:3cx:3cx:18.0.2.302
  • 3cx » 3cx » Version: 18.0.2.307
    cpe:2.3:a:3cx:3cx:18.0.2.307
  • 3cx » 3cx » Version: 18.0.2.314
    cpe:2.3:a:3cx:3cx:18.0.2.314
  • 3cx » 3cx » Version: 18.0.2.315
    cpe:2.3:a:3cx:3cx:18.0.2.315
  • 3cx » 3cx » Version: 18.0.3.444
    cpe:2.3:a:3cx:3cx:18.0.3.444
  • 3cx » 3cx » Version: 18.0.3.450
    cpe:2.3:a:3cx:3cx:18.0.3.450
  • 3cx » 3cx » Version: 18.0.3.461
    cpe:2.3:a:3cx:3cx:18.0.3.461
  • 3cx » 3cx » Version: 18.0.4.955
    cpe:2.3:a:3cx:3cx:18.0.4.955
  • 3cx » 3cx » Version: 18.0.4.964
    cpe:2.3:a:3cx:3cx:18.0.4.964
  • 3cx » 3cx » Version: 18.0.4.965
    cpe:2.3:a:3cx:3cx:18.0.4.965
  • 3cx » 3cx » Version: 18.0.5.331
    cpe:2.3:a:3cx:3cx:18.0.5.331
  • 3cx » 3cx » Version: 18.0.5.368
    cpe:2.3:a:3cx:3cx:18.0.5.368
  • 3cx » 3cx » Version: 18.0.5.384
    cpe:2.3:a:3cx:3cx:18.0.5.384
  • 3cx » 3cx » Version: 18.0.5.410
    cpe:2.3:a:3cx:3cx:18.0.5.410
  • 3cx » 3cx » Version: 18.0.5.414
    cpe:2.3:a:3cx:3cx:18.0.5.414
  • 3cx » 3cx » Version: 18.0.5.415
    cpe:2.3:a:3cx:3cx:18.0.5.415
  • 3cx » 3cx » Version: 18.0.5.418
    cpe:2.3:a:3cx:3cx:18.0.5.418
  • 3cx » 3cx » Version: 18.0.6.861
    cpe:2.3:a:3cx:3cx:18.0.6.861
  • 3cx » 3cx » Version: 18.0.6.889
    cpe:2.3:a:3cx:3cx:18.0.6.889
  • 3cx » 3cx » Version: 18.0.6.897
    cpe:2.3:a:3cx:3cx:18.0.6.897
  • 3cx » 3cx » Version: 18.0.6.905
    cpe:2.3:a:3cx:3cx:18.0.6.905
  • 3cx » 3cx » Version: 18.0.6.908
    cpe:2.3:a:3cx:3cx:18.0.6.908
  • 3cx » 3cx » Version: 18.0.7.296
    cpe:2.3:a:3cx:3cx:18.0.7.296
  • 3cx » 3cx » Version: 18.0.7.304
    cpe:2.3:a:3cx:3cx:18.0.7.304
  • 3cx » 3cx » Version: 18.0.7.311
    cpe:2.3:a:3cx:3cx:18.0.7.311
  • 3cx » 3cx » Version: 18.0.7.312
    cpe:2.3:a:3cx:3cx:18.0.7.312
  • 3cx » 3cx » Version: 18.0.7.424
    cpe:2.3:a:3cx:3cx:18.0.7.424
  • 3cx » 3cx » Version: 18.0.7.441
    cpe:2.3:a:3cx:3cx:18.0.7.441


Products
Pricing
Contact Us

Shodan ® - All rights reserved