CVE-2023-38433
N/A
Summary
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fujitsu Limited | IP-HE950E | firmware versions V01L001 to V01L053 | affected |
| Fujitsu Limited | IP-HE950D | firmware versions V01L001 to V01L053 | affected |
| Fujitsu Limited | IP-HE900E | firmware versions V01L001 to V01L010 | affected |
| Fujitsu Limited | IP-HE900D | firmware versions V01L001 to V01L004 | affected |
| Fujitsu Limited | IP-900E / IP-920E | firmware versions V01L001 to V02L061 | affected |
| Fujitsu Limited | IP-900D / IP-900ⅡD / IP-920D | firmware versions V01L001 to V02L061 | affected |
| Fujitsu Limited | IP-90 | firmware versions V01L001 to V01L013 | affected |
| Fujitsu Limited | IP-9610 | firmware versions V01L001 to V02L007 | affected |
Weaknesses
- Use of Hard-coded Credentials
ADP Enrichment
CVE Program Container
Additional References
- https://www.fujitsu.com/global/products/computing/peripheral/video/download/
- https://jvn.jp/en/jp/JVN95727578/
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://www.fujitsu.com/global/products/computing/peripheral/video/download/
- https://jvn.jp/en/jp/JVN95727578/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.