Arbitrary Code Execution Vulnerability in Avaya Aura Device Services (Versions 7.0-8.1.4.0)

Arbitrary Code Execution Vulnerability in Avaya Aura Device Services (Versions 7.0-8.1.4.0)

CVE-2021-25654 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An arbitrary code execution vulnerability was discovered in Avaya Aura Device Services that may potentially allow a local user to execute specially crafted scripts. Affects 7.0 through 8.1.4.0 versions of Avaya Aura Device Services.

Learn more about our User Device Pen Test.