VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-phb4-xaj7-byg2

Vulnerability ID	VCID-phb4-xaj7-byg2
Aliases	CVE-2026-23741
Summary	Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script will source the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writeable by the asterisk user:group. Due to the /etc/asterisk/ast_debug_tools.conf file following bash semantics and it being loaded; an attacker with write permissions may add or modify the file such that when the root ast_coredumper is run; it would source and thereby execute arbitrary bash code found in the /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.
Status	Published
Exploitability	0.5
Weighted Severity	0.0
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-427

System	Score	Found at
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
epss	0.00035	https://api.first.org/data/v1/epss?cve=CVE-2026-23741
cvssv3.1	0	https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3
ssvc	Track	https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2026-23741
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23741
1127438		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127438
GHSA-rvch-3jmx-3jf3		https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N Found at https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-06T17:22:49Z/ Found at https://github.com/asterisk/asterisk/security/advisories/GHSA-rvch-3jmx-3jf3

Exploit Prediction Scoring System (EPSS)

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T16:39:23.961990+00:00	Debian Oval Importer	Import	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.0.0