CVE-2024-45837

Description

Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files.

CVSS breakdown

Affected products

• AIPHONE CO., LTD. / IX-BAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-BAUfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-BBfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-BBTfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-BUfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DAUfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DBfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DBTfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DUfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVFfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVF-2RAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVF-Lfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVF-Pfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVF-RAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVMfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-DVTfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-EAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-EATfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-EAUfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-FAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IXG-2C7firmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IXG-2C7-Lfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IXG-DM7firmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-DM7-10Kfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-DM7-HIDfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-DM7-HIDAfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-MKfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXG-SupportToolVer.5.0.2.0 and earlier – Ver.5.0.2.0 and earlier
• AIPHONE CO., LTD. / IXGW-GWfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IXGW-LCfirmware Ver.3.00 and earlier – firmware Ver.3.00 and earlier
• AIPHONE CO., LTD. / IXGW-TGWfirmware Ver.3.01 and earlier – firmware Ver.3.01 and earlier
• AIPHONE CO., LTD. / IX-MVfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-MV7-Bfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-BTfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-HBfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-HBTfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-HWfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-HW-JPfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-HWTfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-Wfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-MV7-WTfirmware Ver.7.31 and earlier – firmware Ver.7.31 and earlier
• AIPHONE CO., LTD. / IX-RS-Bfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-RS-BTfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-RS-Wfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-RS-WTfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SPMICfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SS-2Gfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SS-2G-Nfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SS-2GTfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SSAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SSA-2RAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SSA-RAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier
• AIPHONE CO., LTD. / IX-SupportToolVer.10.3.0.0 and earlier – Ver.10.3.0.0 and earlier
• AIPHONE CO., LTD. / IXW-MAfirmware Ver.7.30 and earlier – firmware Ver.7.30 and earlier

References

• MISChttps://www.aiphone.net/important/20241016_1/
• MISChttps://www.aiphone.net/important/20241016_2/
• MISChttps://www.aiphone.net/support/software-documents/ix/
• MISChttps://www.aiphone.net/support/software-documents/ixg/
• MISChttps://jvn.jp/en/jp/JVN41397971/