PT-2024-28735 · Ip Com · Ipcom Ex2 Series
Published
2024-09-03
·
Updated
2024-09-19
·
CVE-2024-39921
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IPCOM EX2 Series versions V01L02NF0001 through V01L06NF0401
IPCOM EX2 Series versions V01L20NF0001 through V01L20NF0401
IPCOM EX2 Series versions V02L20NF0001 through V02L21NF0301
IPCOM VE2 Series versions V01L04NF0001 through V01L06NF0112
Description
A timing discrepancy issue exists in the IPCOM series, which may allow an attacker to decrypt some of the encrypted communication if the issue is exploited.
Recommendations
For IPCOM EX2 Series versions V01L02NF0001 through V01L06NF0401, update to a version that fixes the timing discrepancy issue.
For IPCOM EX2 Series versions V01L20NF0001 through V01L20NF0401, update to a version that fixes the timing discrepancy issue.
For IPCOM EX2 Series versions V02L20NF0001 through V02L21NF0301, update to a version that fixes the timing discrepancy issue.
For IPCOM VE2 Series versions V01L04NF0001 through V01L06NF0112, update to a version that fixes the timing discrepancy issue.
Fix
Side Channel Attack
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ipcom Ex2 Series