#VU98818 Use of Hard-coded Cryptographic Key in AIPHONE products - CVE-2024-45837


Vulnerability identifier: #VU98818

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-45837

CWE-ID: CWE-321

Exploitation vector: Local network

Exploit availability: No

Vulnerable software (every product is listed under Hardware solutions / Firmware):
IX-MV
IX-MV7-HB
IX-MV7-HBT
IX-MV7-HW
IX-MV7-HWT
IX-MV7-HW-JP
IX-MV7-B
IX-MV7-BT
IX-MV7-W
IX-MV7-WT
IX-DA
IX-DAU
IX-DB
IX-DBT
IX-EA
IX-EAT
IX-EAU
IX-DV
IX-DVT
IX-DVF
IX-DVF-P
IX-DVF-L
IX-DVM
IX-DU
IX-DVF-RA
IX-DVF-2RA
IX-BA
IX-BAU
IX-BB
IX-BBT
IX-FA
IX-SSA
IX-SS-2G
IX-SS-2GT
IX-SS-2G-N
IX-BU
IX-SSA-RA
IX-SSA-2RA
IX-RS-B
IX-RS-BT
IX-RS-W
IX-RS-WT
IXW-MA
IX-SPMIC
IXG-2C7
IXG-2C7-L
IXG-DM7
IXG-DM7-HID
IXG-DM7-HIDA
IXG-DM7-10K
IXG-MK
IXGW-GW
IXGW-TGW
IXGW-LC
IX-SupportTool
IXG-SupportTool

Vendor: AIPHONE

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to the use of a hard-coded cryptographic key. A remote attacker on the local network can log in to the SFTP service and obtain and/or manipulate files without authorization.

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

IX-MV: 7.30

IX-MV7-HB: 7.31

IX-MV7-HBT: 7.31

IX-MV7-HW: 7.31

IX-MV7-HWT: 7.31

IX-MV7-HW-JP: 7.31

IX-MV7-B: 7.31

IX-MV7-BT: 7.31

IX-MV7-W: 7.31

IX-MV7-WT: 7.31

IX-DA: 7.30

IX-DAU: 7.30

IX-DB: 7.30

IX-DBT: 7.30

IX-EA: 7.30

IX-EAT: 7.30

IX-EAU: 7.30

IX-DV: 7.30

IX-DVT: 7.30

IX-DVF: 7.30

IX-DVF-P: 7.30

IX-DVF-L: All versions

IX-DVM: All versions

IX-DU: All versions

IX-DVF-RA: All versions

IX-DVF-2RA: All versions

IX-BA: All versions

IX-BAU: All versions

IX-BB: All versions

IX-BBT: All versions

IX-FA: 7.30

IX-SSA: 7.30

IX-SS-2G: 7.30

IX-SS-2GT: 7.30

IX-SS-2G-N: 7.30

IX-BU: 7.30

IX-SSA-RA: 7.30

IX-SSA-2RA: 7.30

IX-RS-B: 7.30

IX-RS-BT: 7.30

IX-RS-W: 7.30

IX-RS-WT: 7.30

IXW-MA: 7.30

IX-SPMIC: 7.30

IXG-2C7: 3.01

IXG-2C7-L: 3.01

IXG-DM7: 3.00

IXG-DM7-HID: 3.00

IXG-DM7-HIDA: 3.00

IXG-DM7-10K: 3.00

IXG-MK: 3.00

IXGW-GW: 3.01

IXGW-TGW: 3.01

IXGW-LC: 3.00

IX-SupportTool: 10.3.0.0

IXG-SupportTool: 5.0.2.0


External links
https://jvn.jp/en/jp/JVN41397971/index.html


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
