CVE-2023-38433 Scanner
Detects 'Hard-Coded Credentials' vulnerability in Fujitsu Limited IP-HE950E, IP-HE950D, IP-HE900E, IP-HE900D, IP-900E / IP-920E, IP-900D / IP-900ⅡD / IP-920D, IP-90, IP-9610 affects v. IP-HE950E firmware V01L001 to V01L053, IP-HE950D firmware V01L001 to V01L053, IP-HE900E firmware V01L001 to V01L010, IP-HE900D firmware V01L001 to V01L004, IP-900E / IP-920E firmware V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware V01L001 to V02L061, IP-90 firmware V01L001 to V01L013, and IP-9610 firmware V01L001 to V02L007..
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
29 days
Scan only one
Domain, IPv4
Toolbox
-
The Fujitsu Limited IP series is a range of real-time video transmission gear designed for use in various industries. These products are used to transmit high-definition video content over long distances through Ethernet networks. Specifically, the IP-HE950E, IP-HE950D, IP-HE900E, IP-HE900D, IP-900E / IP-920E, IP-900D / IP-900ⅡD / IP-920D, IP-90, and IP-9610 models are utilized in surveillance systems, broadcasting stations, and video-conferencing setups.
The CVE-2023-38433 vulnerability has been detected in the Fujitsu Real-time Video Transmission Gear "IP series." This vulnerability arises from the use of hard-coded credentials that allow unauthenticated remote attackers to trigger reboot or initialization of the product, causing the termination of the video transmission. The hard-coded credentials are often included by manufacturers for administrative purposes and can become a serious security risk if an attacker gains access to them.
Exploiting this vulnerability can lead to serious consequences, including unauthorized access to sensitive information transmitted via the video transmission gear. Attackers can also use the gear as a launchpad for launching more extensive attacks on the target network. This vulnerability is a severe threat to the privacy and security of any video transmission that relies on the Fujitsu IP series.
Those who are concerned about the vulnerability in their digital assets can quickly learn about them through the pro features of the s4e.io platform. This platform is a comprehensive resource for information on the latest security threats and vulnerabilities affecting organizations worldwide. With its user-friendly interface and expert analysis, this platform makes it easy to stay up-to-date on the latest security threats, protect digital assets, and take proactive steps towards improved cybersecurity.
REFERENCES