CVE-2023-21406

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid data to an OSDP...

Design/Logic Flaw

Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod process, causing a temporary unavailability of the door-controlling functionalities meaning that doors...

CVE-2023-21406 Heap-based buffer overflow in Axis A1001 Network Door Controller's OSDP communication

Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP communication allowing to write outside of the allocated buffer. By appending invalid data to an OSDP...

AXIS A1001 缓冲区错误漏洞

The AXIS A1001 is a door controller from Axis Sweden. A security vulnerability exists in AXIS A1001 version 1.65.4 and earlier, which stems from a heap-based buffer overflow in the pacsiod process that allows writes outside of the allocated buffer, and data written to the outside of the buffer ca...

PT-2023-7483 · Axis · Axis Network Intercoms +1

Name of the Vulnerable Software and Affected Versions: Axis Network Door Controllers and Axis Network Intercoms affected versions not specified Description: The issue is related to a flaw in the implementation of the Open Supervised Device Protocol OSDP in Axis Network Door Controllers and Axis...