7.5
CVE-2023-38433
- EPSS 53.2%
- Published 26.07.2023 08:15:10
- Last modified 21.11.2024 08:13:33
- Source vultures@jpcert.or.jp
- Teams watchlist Login
- Open Login
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Data is provided by the National Vulnerability Database (NVD)
Fujitsu ≫ Ip-he950e Firmware Version >= v01l001 <= v01l053
Fujitsu ≫ Ip-he950d Firmware Version >= v01l001 <= v01l053
Fujitsu ≫ Ip-he900e Firmware Version >= v01l001 <= v01l010
Fujitsu ≫ Ip-he900d Firmware Version >= v01l001 <= v01l004
Fujitsu ≫ Ip-900e Firmware Version >= v01l001 <= v02l061
Fujitsu ≫ Ip-920e Firmware Version >= v01l001 <= v02l061
Fujitsu ≫ Ip-900d Firmware Version >= v01l001 <= v02l061
Fujitsu ≫ Ip-900iid Firmware Version >= v01l001 <= v02l061
Fujitsu ≫ Ip-920d Firmware Version >= v01l001 <= v02l061
Fujitsu ≫ Ip-90 Firmware Version >= v01l001 <= v01l013
Fujitsu ≫ Ip-9610 Firmware Version >= v01l001 <= v02l007
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 53.2% | 0.979 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.