CVE-2023-21405

🗓️ 25 Jul 2023 07:34:36Reported by AxisType

CVE-2023-21405: Flaw in Axis Network Door Controllers & Intercoms causes temporary unavailability of door-controlling functionalitie

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Open Supervised Device Protocol implementation in the AXIS OS operating system of AXIS controllers allows a perpetrator to cause temporary disconnection of functions.	8 Dec 202300:00	–	bdu_fstec
Circl	CVE-2023-21405	25 Jul 202312:27	–	circl
CNNVD	Axis Network Door Controllers 安全漏洞	25 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-21405 Denial-of-Service vulnerability in Axis Network Door Controller's and Axis Network Intercom's OSDP communication	25 Jul 202307:34	–	cvelist
EUVD	EUVD-2023-25573	3 Oct 202520:07	–	euvd
NVD	CVE-2023-21405	25 Jul 202308:15	–	nvd
OSV	CVE-2023-21405	25 Jul 202308:15	–	osv
Prion	Design/Logic Flaw	25 Jul 202308:15	–	prion
Positive Technologies	PT-2023-7483 · Axis · Axis Network Intercoms +1	25 Jul 202300:00	–	ptsecurity
Tenable Nessus	Axis Communications Network Door Controllers and Intercoms Denial of Service (CVE-2023-21405)	23 Jan 202400:00	–	nessus

NVD

Node

axis a1001_firmwareRange≤1.65.4

AND

axis a1001Match-

Node

axis a1210_(-b)_firmwareRange11.0–11.6.16.0

AND

axis a1210_(-b)Match-

Node

axis a1601_firmwareRange≤1.84.4

axis a1601_firmwareRange10.0–10.12.171.0

axis a1601_firmwareRange11.0–11.6.16.0

AND

axis a1601Match-

Node

axis a1610_(-b)_firmwareRange≤10.12.171.0

axis a1610_(-b)_firmwareRange11.0–11.6.16.0

AND

axis a1610_(-b)Match-

Node

axis axis_osRange≤10.12.178

axis axis_osRange11.0–11.5.53

AND

axis a8207Match-

Node

axis axis_osRange≤10.12.178

axis axis_osRange11.0–11.5.53

AND

axis a8207_mkiiMatch-

[
  {
    "defaultStatus": "unaffected",
    "product": "AXIS A1001 Network Door Controller",
    "vendor": "Axis Communications AB",
    "versions": [
      {
        "status": "affected",
        "version": "AXIS OS 1.65.4 or earlier"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AXIS A1210-B Network Door Controller",
    "vendor": "Axis Communications AB",
    "versions": [
      {
        "status": "affected",
        "version": "AXIS OS 11.0 - 11.6.16.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AXIS A1601 Network Door Controller",
    "vendor": "Axis Communications AB",
    "versions": [
      {
        "status": "affected",
        "version": "AXIS OS 1.84.4 or earlier"
      },
      {
        "status": "affected",
        "version": "AXIS OS 10.12.171.0 or earlier"
      },
      {
        "status": "affected",
        "version": "AXIS OS 11.0 - 11.6.16.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AXIS A1610 (-B) Network Door Controller",
    "vendor": "Axis Communications AB",
    "versions": [
      {
        "status": "affected",
        "version": "AXIS OS 10.12.171.0 or earlier"
      },
      {
        "status": "affected",
        "version": "AXIS OS 11.0 - 11.6.16.0"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AXIS A8207-VE Network Video Door Station",
    "vendor": "Axis Communications AB",
    "versions": [
      {
        "status": "affected",
        "version": "AXIS OS 10.12.178 or earlier"
      },
      {
        "status": "affected",
        "version": "AXIS OS AXIS OS 11.0 - 11.5.53"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "AXIS A8207-VE Mk II Network Video Door Station",
    "vendor": "Axis Communications AB",
    "versions": [
      {
        "status": "affected",
        "version": "AXIS OS 10.12.178 or earlier"
      },
      {
        "status": "affected",
        "version": "AXIS OS AXIS OS 11.0 - 11.5.53"
      }
    ]
  }
]

Source	Link
axis	www.axis.com/dam/public/7f/3a/ed/cve-2023-21405-en-US-407244.pdf

21 Nov 2024 07:42Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.5

EPSS0.00081

SSVC