A vulnerability in the chat implementation of ProCall client for Windows could allow hackers with access to the chat functionality of ProCall Enterprise over the network to execute commands through a chat message.
estos has already released a software update to address the vulnerability. As a workaround, the chat functionality of ProCall Enterprise can be temporarily disabled.
This vulnerability affects all previously released versions of ProCall 6 Enterprise and ProCall 7 Enterprise.
- 7.0, 7.1 (all sub-versions)
- 6.0, 6.1, 6.2, 6.3, 6.4 (all sub-versions)
As a workaround, the chat functionality can be completely disabled to prevent the chat window from opening.
Versions with bug fixes
estos has already released updates with fixes to the vulnerability. Customers and partners can obtain updates through the known channels and follow the normal update process.
- ProCall 7 Enterprise ≥ 22.214.171.12486
- ProCall 6 Enterprise ≥ 126.96.36.19985