Multiple vulnerabilities in Akuvox E11
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 13 |
| CVE-ID | CVE-2023-0348 CVE-2023-0351 CVE-2023-0354 CVE-2023-0353 CVE-2023-0349 CVE-2023-0355 CVE-2023-0352 CVE-2023-0350 CVE-2023-0347 CVE-2023-0346 CVE-2023-0345 CVE-2023-0344 CVE-2023-0343 |
| CWE-ID | CWE-284 CWE-77 CWE-306 CWE-257 CWE-862 CWE-321 CWE-640 CWE-646 CWE-200 CWE-287 CWE-798 CWE-912 CWE-329 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Akuvox E11 Hardware solutions / Other hardware appliances |
| Vendor | Akuvox |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
1) Improper access control
EUVDB-ID: #VU73252
Risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0348
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to sensitive information on the system.
The vulnerability exists due to improper access restrictions within SIP calls. A remote attacker can activate the camera and microphone and contact any device within Akuvox to call any other device.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/blog/akuvox-smart-intercom-vulnerabilities-leave-privacy-ajar
http://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command Injection
EUVDB-ID: #VU73251
Risk: Medium
CVSSv3.1: 8.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0351
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary commands on the target system.
The vulnerability exists due to improper input validation in the device phone-book contacts functionality in the "call log" page. A remote attacker on the local network can pass specially crafted data to the application and execute arbitrary commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/blog/akuvox-smart-intercom-vulnerabilities-leave-privacy-ajar
http://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Missing Authentication for Critical Function
EUVDB-ID: #VU73250
Risk: Medium
CVSSv3.1: 8.1 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0354
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to missing authentication for a critical function. A remote attacker on the local network can execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/blog/akuvox-smart-intercom-vulnerabilities-leave-privacy-ajar
http://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Storing passwords in a recoverable format
EUVDB-ID: #VU73253
Risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0353
CWE-ID:
CWE-257 - Storing Passwords in a Recoverable Format
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to the affected product uses a weak encryption algorithm for stored passwords and a hard-coded password for decryption. A remote attacker can cause the encrypted passwords to be decrypted from the configuration file.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Missing Authorization
EUVDB-ID: #VU73254
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0349
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to a missing permission check in libvoice library. A remote attacker on the local network can view and record image and video from the camera.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use of Hard-coded Cryptographic Key
EUVDB-ID: #VU73255
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0355
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a hard-coded cryptographic key. A remote attacker on the local network can decrypt sensitive information.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Weak Password Recovery Mechanism for Forgotten Password
EUVDB-ID: #VU73256
Risk: High
CVSSv3.1: 8.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0352
CWE-ID:
CWE-640 - Weak password recovery mechanism
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a weak password recovery mechanism for forgotten password. A remote attacker can download the device key file and reset the password back to the default.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Reliance on File Name or Extension of Externally-Supplied File
EUVDB-ID: #VU73257
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0350
CWE-ID:
CWE-646 - Reliance on File Name or Extension of Externally-Supplied File
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the affected product does not ensure that a file extension is associated with the file provided. A remote attacker can change the extension of a malicious file to an accepted file type and upload a file to the device.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU73258
Risk: Medium
CVSSv3.1: 6.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0347
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can identify the device on the Akuvox cloud.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper Authentication
EUVDB-ID: #VU73259
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0346
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when cloud login is performed through an unencrypted HTTP connection. A remote attacker can gain access to the Akuvox cloud and device if the MAC address of a device is known.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Use of hard-coded credentials
EUVDB-ID: #VU73260
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0345
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code within the secure shell (SSH) server. A remote attacker can access the affected system using the hard-coded credentials.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Hidden functionality
EUVDB-ID: #VU73261
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0344
CWE-ID:
CWE-912 - Hidden Functionality (Backdoor)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system
The vulnerability exists due to the affected software uses a custom version of dropbear SSH server. A remote attacker can use this functionality to gain full access to the application and compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Not Using an Unpredictable IV with CBC Mode
EUVDB-ID: #VU73262
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-0343
CWE-ID:
CWE-329 - Not Using an Unpredictable IV with CBC Mode
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected product contains a function that encrypts messages which are then forwarded. A remote attacker on the local network can decrypt messages.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsAkuvox E11: All versions
External linkshttp://claroty.com/team82/research/the-silent-spy-among-us-modern-attacks-against-smart-intercoms
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
