All the vulnerabilites related to Fujitsu Limited - IP-HE900D
cve-2023-38433
Vulnerability from cvelistv5
Published
2023-07-26 07:44
Modified
2024-10-23 14:50
Severity ?
EPSS score ?
Summary
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
References
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:39:13.693Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.fujitsu.com/global/products/computing/peripheral/video/download/" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/jp/JVN95727578/" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:h:fujitsu:ip-he950e:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-he950e", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V01L053", "status": "affected", "version": "V01L001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-he950d_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-he950d_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V01L053", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-he900e_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-he900e_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V01L010", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-he900d_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-he900d_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V01L004", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-900e_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-900e_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V02L061", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-920e_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-920e_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V02L061", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-900d_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-900d_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V02L061", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-900iid_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-900iid_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V02L061", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-920d_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-920d_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V02L061", "status": "affected", "version": "v01l001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-90:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-90", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V01L013", "status": "affected", "version": "V01L001", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:fujitsu:ip-9610_firmware:v01l001:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ip-9610_firmware", "vendor": "fujitsu", "versions": [ { "lessThanOrEqual": "V02L007", "status": "affected", "version": "v01l001", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-38433", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-23T14:27:21.919772Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-23T14:50:47.908Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "IP-HE950E", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V01L053" } ] }, { "product": "IP-HE950D", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V01L053" } ] }, { "product": "IP-HE900E", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V01L010" } ] }, { "product": "IP-HE900D", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V01L004" } ] }, { "product": "IP-900E / IP-920E", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V02L061" } ] }, { "product": "IP-900D / IP-900\u2161D / IP-920D", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V02L061" } ] }, { "product": "IP-90", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V01L013" } ] }, { "product": "IP-9610", "vendor": "Fujitsu Limited ", "versions": [ { "status": "affected", "version": "firmware versions V01L001 to V02L007" } ] } ], "descriptions": [ { "lang": "en", "value": "Fujitsu Real-time Video Transmission Gear \"IP series\" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900\u2161D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007." } ], "problemTypes": [ { "descriptions": [ { "description": "Use of Hard-coded Credentials", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-26T07:44:04.302Z", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://www.fujitsu.com/global/products/computing/peripheral/video/download/" }, { "url": "https://jvn.jp/en/jp/JVN95727578/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2023-38433", "datePublished": "2023-07-26T07:44:04.302Z", "dateReserved": "2023-07-18T00:32:29.582Z", "dateUpdated": "2024-10-23T14:50:47.908Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }