Cyber Posture

CVE-2024-52883

High · Public PoC

Published: 07 February 2025
Modified: 01 May 2025
KEV Added:
Patch:
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0020 (42.0th percentile)
Risk Priority: 15 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2024-52883 is a high-severity Path Traversal (CWE-22) vulnerability in AudioCodes One Voice Operations Center. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 42.0th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) · AI

prevent: Directly mitigates path traversal by validating and sanitizing user-supplied file path inputs to block directory traversal sequences like '../'.

prevent: Requires timely identification, reporting, and remediation of the specific path traversal flaw through patching to OVOC 8.4.582 or later.

prevent: Enforces approved access authorizations to logical resources, preventing unauthorized reads of sensitive files despite path manipulation attempts.

MITRE ATT&CK Enterprise Techniques · AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

T1005 Data from Local System (Collection)
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.

Why these techniques?

Path traversal in the public-facing OVOC server directly enables T1190 exploitation for unauthenticated file reads, which maps to T1005 (data access from the local system).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to a path traversal vulnerability, sensitive data can be read without any authentication.

Deeper analysis · AI

CVE-2024-52883 is a path traversal vulnerability (CWE-22) affecting AudioCodes One Voice Operations Center (OVOC) versions before 8.4.582. The flaw enables unauthenticated access to sensitive data through improper handling of file paths in requests. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high confidentiality impact, network accessibility, low attack complexity, and no requirements for privileges or user interaction.

An unauthenticated attacker with network access to an affected OVOC instance can exploit this vulnerability by crafting requests that contain directory traversal sequences, such as "../" patterns, to read arbitrary sensitive files on the server. Successful exploitation results in unauthorized disclosure of confidential information, potentially including configuration data, logs, or other proprietary files, without impacting integrity or availability.

Advisories provide further details on the issue, including SYSS-2024-075 available at https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-075.txt and the AudioCodes OVOC product page at https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-center. The vulnerability was published on 2025-02-07, and upgrading to OVOC 8.4.582 or later addresses the path traversal flaw.

Details

CWE(s)

Affected Products

audiocodes · one voice operations center · ≤ 8.4.582

CVEs Like This One

CVE-2024-52881 · Same product: AudioCodes One Voice Operations Center
CVE-2026-23536 · Shared CWE-22
CVE-2025-23422 · Shared CWE-22
CVE-2025-8343 · Shared CWE-22
CVE-2025-10559 · Shared CWE-22
CVE-2025-67076 · Shared CWE-22
CVE-2026-5258 · Shared CWE-22
CVE-2025-25155 · Shared CWE-22
CVE-2024-51376 · Shared CWE-22
CVE-2024-13471 · Shared CWE-22
