PT-2024-32433 · Aiphone · Aiphone Ixg System Ixg-2C7
Published
2024-11-21
·
Updated
2024-11-22
·
CVE-2024-47142
CVSS v3.1
5.5
Medium
| Vector | AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
AIPHONE IXG SYSTEM IXG-2C7 firmware versions 2.03 and earlier
AIPHONE IXG SYSTEM IXG-2C7-L firmware versions 2.03 and earlier
Description
The issue is related to insufficiently protected credentials, which may allow a network-adjacent authenticated attacker to perform unintended operations.
Recommendations
For AIPHONE IXG SYSTEM IXG-2C7 firmware versions 2.03 and earlier, update to a version later than 2.03 to resolve the issue.
For AIPHONE IXG SYSTEM IXG-2C7-L firmware versions 2.03 and earlier, update to a version later than 2.03 to resolve the issue.
As a temporary workaround, consider restricting access to the system to minimize the risk of exploitation.
Fix
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aiphone Ixg System Ixg-2C7