CVE-2023-38433
First published: Wed Jul 26 2023(Updated: )
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900?D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Credit: vultures@jpcert.or.jp vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fujitsu Ip-he950e Firmware | >=v01l001<=v01l053 | |
| Fujitsu Ip-he950e | ||
| Fujitsu Ip-he950d Firmware | >=v01l001<=v01l053 | |
| Fujitsu Ip-he950d | ||
| Fujitsu Ip-he900e Firmware | >=v01l001<=v01l010 | |
| Fujitsu Ip-he900e | ||
| Fujitsu Ip-he900d Firmware | >=v01l001<=v01l004 | |
| Fujitsu Ip-he900d | ||
| Fujitsu Ip-900e Firmware | >=v01l001<=v02l061 | |
| Fujitsu Ip-900e | ||
| Fujitsu Ip-920e Firmware | >=v01l001<=v02l061 | |
| Fujitsu Ip-920e | ||
| Fujitsu Ip-900d Firmware | >=v01l001<=v02l061 | |
| Fujitsu Ip-900d | ||
| Fujitsu Ip-900iid Firmware | >=v01l001<=v02l061 | |
| Fujitsu Ip-900iid | ||
| Fujitsu Ip-920d Firmware | >=v01l001<=v02l061 | |
| Fujitsu Ip-920d | ||
| Fujitsu Ip-90 Firmware | >=v01l001<=v01l013 | |
| Fujitsu Ip-90 | ||
| Fujitsu Ip-9610 Firmware | >=v01l001<=v02l007 | |
| Fujitsu Ip-9610 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-38433.
What is the severity of CVE-2023-38433?
The severity of CVE-2023-38433 is high.
Which products are affected by CVE-2023-38433?
The IP-HE950E firmware versions V01L001 to V01L053 are affected by CVE-2023-38433.
What can an attacker do with this vulnerability?
An attacker can use hard-coded credentials to initialize or reboot the affected products, resulting in the termination of video transmission.
How can I fix CVE-2023-38433?
To fix CVE-2023-38433, Fujitsu recommends updating the firmware of the affected products to a version that addresses the vulnerability.
- collector/nvd-latest
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/fujitsu
- canonical/fujitsu ip-he950e firmware
- version/fujitsu ip-he950e firmware/v01l001
- version/fujitsu ip-he950e firmware/v01l053
- canonical/fujitsu ip-he950e
- canonical/fujitsu ip-he950d firmware
- version/fujitsu ip-he950d firmware/v01l001
- version/fujitsu ip-he950d firmware/v01l053
- canonical/fujitsu ip-he950d
- canonical/fujitsu ip-he900e firmware
- version/fujitsu ip-he900e firmware/v01l001
- version/fujitsu ip-he900e firmware/v01l010
- canonical/fujitsu ip-he900e
- canonical/fujitsu ip-he900d firmware
- version/fujitsu ip-he900d firmware/v01l001
- version/fujitsu ip-he900d firmware/v01l004
- canonical/fujitsu ip-he900d
- canonical/fujitsu ip-900e firmware
- version/fujitsu ip-900e firmware/v01l001
- version/fujitsu ip-900e firmware/v02l061
- canonical/fujitsu ip-900e
- canonical/fujitsu ip-920e firmware
- version/fujitsu ip-920e firmware/v01l001
- version/fujitsu ip-920e firmware/v02l061
- canonical/fujitsu ip-920e
- canonical/fujitsu ip-900d firmware
- version/fujitsu ip-900d firmware/v01l001
- version/fujitsu ip-900d firmware/v02l061
- canonical/fujitsu ip-900d
- canonical/fujitsu ip-900iid firmware
- version/fujitsu ip-900iid firmware/v01l001
- version/fujitsu ip-900iid firmware/v02l061
- canonical/fujitsu ip-900iid
- canonical/fujitsu ip-920d firmware
- version/fujitsu ip-920d firmware/v01l001
- version/fujitsu ip-920d firmware/v02l061
- canonical/fujitsu ip-920d
- canonical/fujitsu ip-90 firmware
- version/fujitsu ip-90 firmware/v01l001
- version/fujitsu ip-90 firmware/v01l013
- canonical/fujitsu ip-90
- canonical/fujitsu ip-9610 firmware
- version/fujitsu ip-9610 firmware/v01l001
- version/fujitsu ip-9610 firmware/v02l007
- canonical/fujitsu ip-9610