Skip to main content

Critical vulnerability affecting Axis Powered by Genetec network door controllers

October 16th, 2023 

A critical vulnerability affecting AXIS OS has been discovered by the Genetec team during a penetration test. This component is used by the Axis Powered by Genetec A1610 and A1210 network door controllers. Affected devices must be patched as soon as possible. 

Risk assessment 

This vulnerability, identified as CVE-2023-21413, allowed for a remote code execution during the installation of ACAP applications on the Axis device. The vulnerability has been assigned a CVSSv3.1 score of 9.1 (Critical). 

For more details, please consult Axis Security Advisory on the topic. 

Recommendation 

In accordance with Axis Security Advisory, we recommend updating the Axis Powered by Genetec network door controllers to the latest version.

Affected products

Product 

Affected 

Patch release version

Axis Powered by Genetec  A1610 and A1210 network door controllers.  

Yes

11.8.0.2

11.4.1504.0

All other Genetec Products 

No

N/A

For more information or assistance, please log in to the  Genetec Technical Assistance Portal (GTAP) and open a support case.