Dear 3CX Users,
It has recently been discovered that a particular version of the 3CX desktop application included in 3CX Phone System Update 7 has been found to have a significant security vulnerability.
We have been monitoring this situation closely and can confirm if you have an RBC Group hosted 3CX instance, along with an ip2me managed endpoint or sentry2me security suite, the specific version has not been deployed.
As per our standard managed service practices, updates are not deployed until they have passed internal security and stability testing.
If you have an unmanaged device, we strongly recommend that you contact your IT provider to make sure the vulnerable version is not installed.