CVE-2024-45837 Information

Nov 23, 2024 cve

Description

Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM IXG SYSTEM and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files.

Reference

https://jvn.jp/en/jp/JVN41397971/ https://www.aiphone.net/important/20241016_1/ https://www.aiphone.net/important/20241016_2/ https://www.aiphone.net/support/software-documents/ix/ https://www.aiphone.net/support/software-documents/ixg/

Share on: