CVE-2024-47142

Description

AIPHONE IXG SYSTEM IXG-2C7 firmware Ver.2.03 and earlier and IXG-2C7-L firmware Ver.2.03 and earlier contain an issue with insufficiently protected credentials, which may allow a network-adjacent authenticated attacker to perform unintended operations.

CVSS breakdown

CVSS 3.0

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected products

AIPHONE CO., LTD. / IXG-2C7firmware Ver.2.03 and earlier – firmware Ver.2.03 and earlier
AIPHONE CO., LTD. / IXG-2C7-Lfirmware Ver.2.03 and earlier – firmware Ver.2.03 and earlier

References

MISChttps://www.aiphone.net/important/20241016_2/
MISChttps://www.aiphone.net/support/software-documents/ixg/
MISChttps://jvn.jp/en/jp/JVN41397971/