PT-2023-7483 · Axis · Axis Network Intercoms+1
Published
2023-07-25
·
Updated
2024-11-08
·
CVE-2023-21405
CVSS v3.1
6.5
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Axis Network Door Controllers and Axis Network Intercoms (affected versions not specified)
Description
The issue is related to a flaw in the implementation of the Open Supervised Device Protocol (OSDP) in Axis Network Door Controllers and Axis Network Intercoms. This flaw causes the OSDP message parser to crash the pacsiod process, resulting in a temporary unavailability of door-controlling functionalities, meaning doors cannot be opened or closed. No sensitive or customer data can be extracted as the Axis device is not further compromised.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Check for Exceptional Conditions
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Axis Network Door Controllers
Axis Network Intercoms