Insecure Permissions in 3CX Phone 15 on Windows: Privilege Escalation Vulnerability
CVE-2019-14935 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link.
Learn more about our Web Application Penetration Testing UK.