A vulnerability has been discovered for the 3CX phone system which could allow an authorised user to gain admin access to the phone system’s management console.
We were alerted in the early hours of this morning that the vulnerability had been made public. To prevent any chance of the vulnerability being exploited whilst we were investigating the issue, we temporarily restricted remote access to the management console for any of our customers using 3CX as their phone system. We liaised with 3CX who confirmed that they had released a patch for the vulnerability in the latest update. The IT3000 team then spent time ensuring that all of our 3CX customers were running the latest version of the software.
Please ensure all of your devices, both business and personal, are kept up to date. Updates are a way for providers to fix and ‘patch’ any vulnerabilities that are discovered in order to keep your devices, and your data, safe.
If you have any questions or concerns please contact your account manager or get in touch with us on 01455 247 830 or email email@example.com.