Vulnerability in Secure Boot of AXIS OS by Axis Communications
CVE-2023-21414

6.8MEDIUM

Key Information:

Vendor: Axis Communications Ab
Status: Axis Os; Axis A8207-ve Mk Ii; Axis Q3527-lve
Vendor: CVE Published:; 16 October 2023

🔔 Create Axis Communications Ab Vulnerability Alert

What is CVE-2023-21414?

A vulnerability has been identified in the Secure Boot implementation of AXIS OS, which could allow sophisticated attackers to bypass device tampering protections. Discovered during an annual penetration test by NCC Group, this flaw necessitates immediate attention from users and administrators of Axis devices. Axis Communications has released patched versions of AXIS OS to address this issue. Users are encouraged to review Axis's security advisory for detailed information and guidance on updating their affected products.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

AXIS A8207-VE Mk II AXIS OS 11.5 or earlier

AXIS OS ARTPEC 8 AXIS OS 10.11 - 11.5

AXIS Q3527-LVE AXIS OS 10.11 - 11.5

References

https://www.axis.com/dam/public/45/3c/a1/cve-2023-21414pd...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 16, 2023
Vulnerability Reserved
Nov 4, 2022

JSON

Axis Communications Ab

What is CVE-2023-21414?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.