CVE-2023-38433
published 2023-07-26CVE-2023-38433: Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the…
PriorityP179high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
2.99%
85.6th percentile
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fujitsu | ip-900d_firmware | v01l001 – v02l061 | — |
| fujitsu | ip-900e_firmware | v01l001 – v02l061 | — |
| fujitsu | ip-900iid_firmware | v01l001 – v02l061 | — |
| fujitsu | ip-90_firmware | v01l001 – v01l013 | — |
| fujitsu | ip-920d_firmware | v01l001 – v02l061 | — |
| fujitsu | ip-920e_firmware | v01l001 – v02l061 | — |
| fujitsu | ip-9610_firmware | v01l001 – v02l007 | — |
| fujitsu | ip-he900d_firmware | v01l001 – v01l004 | — |
| fujitsu | ip-he900e_firmware | v01l001 – v01l010 | — |
| fujitsu | ip-he950d_firmware | v01l001 – v01l053 | — |
| fujitsu | ip-he950e_firmware | v01l001 – v01l053 | — |
| fujitsu_limited | ip-90 | — | — |
| fujitsu_limited | ip-900d_ip-900_d_ip-920d | — | — |
| fujitsu_limited | ip-900e_ip-920e | — | — |
| fujitsu_limited | ip-9610 | — | — |
| fujitsu_limited | ip-he900d | — | — |
| fujitsu_limited | ip-he900e | — | — |
| fujitsu_limited | ip-he950d | — | — |
| fujitsu_limited | ip-he950e | — | — |
Detection & IOCsextracted from sources · hover to see the quote
url/b_download/index.html
otherusername: fedish264pro, password: h264pro@broadsight
otherusername: fedish265pro, password: h265pro@broadsight
otherServer: thttpd/2.25b 29dec2003
- →Shodan fingerprint for exposed Fujitsu IP Series devices: match on Server header 'thttpd/2.25b 29dec2003' combined with content-length of 1133
- →Successful exploitation returns HTTP 200 with body containing the string 'Field Support' on the /b_download/index.html endpoint when authenticated with hardcoded credentials
- →Attack uses HTTP Basic Authentication (Base64-encoded) with hardcoded credential pairs against /b_download/index.html; monitor for repeated Basic Auth attempts to this path from unauthenticated remote sources
- →The hardcoded credentials are intended for factory testing and may be obtained via reverse engineering; they provide administrative access and cannot be changed by the end-user ↗
- ·Two distinct hardcoded credential pairs exist — one for H.264 and one for H.265 product variants; both must be tested during assessments
- ·CISA assigned CVSS v3 base score of 5.9 (AV:N/AC:H) due to high attack complexity, differing from the NVD/template score of 7.5 (AV:N/AC:L); defenders should note the discrepancy when prioritising ↗
- ·Exploitation allows an attacker to initialize or reboot the device, terminating video transmission — impact is availability-focused on the video feed, not code execution ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Fujitsu Limited Real-time Video Transmission Gear "IP series"
cisa_ics·2023-09-05·CVSS 7.5
[HIGH] Fujitsu Limited Real-time Video Transmission Gear "IP series"
ICS Advisory
##
Fujitsu Limited Real-time Video Transmission Gear "IP series"
Release DateSeptember 05, 2023
Alert CodeICSA-23-248-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 5.9
- ATTENTION: Exploitable remotely
- Vendor: Fujitsu Limited
- Equipment: Real-time Video Transmission Gear "IP series"
- Vulnerability: Use Of Hard-Coded Credentials
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could result in an attacker logging into the web interface using the obtained credentials. The attacker could initialize or reboot the products, terminating the video transmission.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Real-time Video Transmission Gear "IP series", a hosted web application, are affected:
- Real-time Vi
GHSA
GHSA-63p9-4r6q-cj4h: Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or r
ghsa_unreviewed·2023-07-26
CVE-2023-38433 [HIGH] CWE-798 GHSA-63p9-4r6q-cj4h: Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or r
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900?D / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
VulnCheck
fujitsu ip-he950e_firmware Use of Hard-coded Credentials
vulncheck·2023·CVSS 7.5
CVE-2023-38433 [HIGH] fujitsu ip-he950e_firmware Use of Hard-coded Credentials
fujitsu ip-he950e_firmware Use of Hard-coded Credentials
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions V01L001 to V01L053, IP-HE950D firmware versions V01L001 to V01L053, IP-HE900E firmware versions V01L001 to V01L010, IP-HE900D firmware versions V01L001 to V01L004, IP-900E / IP-920E firmware versions V01L001 to V02L061, IP-900D / IP-900ⅡD / IP-920D firmware versions V01L001 to V02L061, IP-90 firmware versions V01L001 to V01L013, and IP-9610 firmware versions V01L001 to V02L007.
Affected: fujitsu ip-he950e_firmware
Required Action: Apply rem
No detection rules found.
Nuclei
Fujitsu IP Series - Hardcoded Credentials
nuclei·CVSS 7.5
CVE-2023-38433 [HIGH] Fujitsu IP Series - Hardcoded Credentials
Fujitsu IP Series - Hardcoded Credentials
Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative access to the devices.
Template:
id: CVE-2023-38433
info:
name: Fujitsu IP Series - Hardcoded Credentials
author: AdnaneKhan
severity: high
description: |
Fujitsu Real-time Video Transmission Gear “IP series” use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. The credentials cannot be changed by the end-user and provide administrative acc
2023-07-26
Published
Exploited in the wild