ID

VAR-202602-1571


CVE

CVE-2026-23741


DESCRIPTION

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/ast_coredumper script runs as root, as noted by the NOTES tag on line 689 of the ast_coredumper file. The script sources the contents of /etc/asterisk/ast_debug_tools.conf, which resides in a folder that is writable by the asterisk user:group. Because /etc/asterisk/ast_debug_tools.conf follows bash semantics and is sourced, an attacker with write permissions may add or modify the file so that, when ast_coredumper is run as root, it sources and thereby executes arbitrary bash code found in /etc/asterisk/ast_debug_tools.conf. This issue has been patched in versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2.

Trust: 1.0

sources: NVD: CVE-2026-23741

AFFECTED PRODUCTS

vendor: sangoma
model: asterisk
scope: lt
version: 23.2.2

Trust: 1.0

vendor: sangoma
model: certified asterisk
scope: lte
version: 18.9

Trust: 1.0

vendor: sangoma
model: asterisk
scope: lt
version: 21.12.1

Trust: 1.0

vendor: sangoma
model: asterisk
scope: gte
version: 21.0.0

Trust: 1.0

vendor: sangoma
model: asterisk
scope: lt
version: 20.18.2

Trust: 1.0

vendor: sangoma
model: asterisk
scope: gte
version: 23.0.0

Trust: 1.0

vendor: sangoma
model: asterisk
scope: lt
version: 22.8.2

Trust: 1.0

vendor: sangoma
model: certified asterisk
scope: eq
version: 20.7

Trust: 1.0

vendor: sangoma
model: asterisk
scope: gte
version: 22.0.0

Trust: 1.0

sources: NVD: CVE-2026-23741

CVSS

SEVERITY

CVSSV2

CVSSV3

security-advisories@github.com: CVE-2026-23741
value: NONE

Trust: 1.0

nvd@nist.gov: CVE-2026-23741
value: HIGH

Trust: 1.0

security-advisories@github.com: CVE-2026-23741
baseSeverity: NONE
baseScore: 0.0
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 0.0
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-23741
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-23741 // NVD: CVE-2026-23741

PROBLEMTYPE DATA

problemtype: CWE-427

Trust: 1.0

sources: NVD: CVE-2026-23741

EXTERNAL IDS

db: NVD
id: CVE-2026-23741

Trust: 1.0

sources: NVD: CVE-2026-23741

REFERENCES

url: https://github.com/asterisk/asterisk/security/advisories/ghsa-rvch-3jmx-3jf3

Trust: 1.0

sources: NVD: CVE-2026-23741

SOURCES

db: NVD
id: CVE-2026-23741

LAST UPDATE DATE

2026-02-19T23:32:16.172000+00:00


SOURCES UPDATE DATE

db: NVD
id: CVE-2026-23741
date: 2026-02-18T18:42:31.550

SOURCES RELEASE DATE

db: NVD
id: CVE-2026-23741
date: 2026-02-06T17:16:26.427