CVE-2024-39290

Description

Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent unauthenticated attacker may obtain sensitive information such as a username and its password in the address book.

CVSS breakdown

Affected products

• AIPHONE CO., LTD. / IX-BAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-BAUfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-BBfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-BBTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-BUfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-DAUfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-DBfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-DBTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-DUfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVFfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVF-2RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVF-Lfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVF-Pfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVF-RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-DVMfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-DVTfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-EAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-EATfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-EAUfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-FAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IXG-2C7firmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IXG-2C7-Lfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IXG-DM7firmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-DM7-10Kfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-DM7-HIDfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-DM7-HIDAfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-MKfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXGW-GWfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IXGW-LCfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXGW-TGWfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IX-MVfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-Bfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-BTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-HBfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-HBTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-HWfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-HW-JPfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-HWTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-Wfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-MV7-WTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-RS-Bfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-RS-BTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-RS-Wfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-RS-WTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-SPMICfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-SS-2Gfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-SS-2G-Nfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-SS-2GTfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier
• AIPHONE CO., LTD. / IX-SSAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-SSA-2RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IX-SSA-RAfirmware Ver.7.11 and earlier – firmware Ver.7.11 and earlier
• AIPHONE CO., LTD. / IXW-MAfirmware Ver.7.10 and earlier – firmware Ver.7.10 and earlier

References

• MISChttps://www.aiphone.net/important/20241016_1/
• MISChttps://www.aiphone.net/important/20241016_2/
• MISChttps://www.aiphone.net/support/software-documents/ix/
• MISChttps://www.aiphone.net/support/software-documents/ixg/
• MISChttps://jvn.jp/en/jp/JVN41397971/