Critical vulnerability affecting Axis Powered by Genetec network door controllers
October 16th, 2023
A critical vulnerability affecting AXIS OS has been discovered by the Genetec team during a penetration test. This component is used by the Axis Powered by Genetec A1610 and A1210 network door controllers. Affected devices must be patched as soon as possible.
Risk assessment
This vulnerability, identified as CVE-2023-21413, allowed for a remote code execution during the installation of ACAP applications on the Axis device. The vulnerability has been assigned a CVSSv3.1 score of 9.1 (Critical).
For more details, please consult Axis Security Advisory on the topic.
Recommendation
In accordance with Axis Security Advisory, we recommend updating the Axis Powered by Genetec network door controllers to the latest version.
Affected products
|
Product |
Affected |
Patch release version |
|
Axis Powered by Genetec A1610 and A1210 network door controllers. |
Yes |
11.8.0.2 11.4.1504.0 |
|
All other Genetec Products |
No |
N/A |
For more information or assistance, please log in to the Genetec Technical Assistance Portal (GTAP) and open a support case.