CVE-2023-21414

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Oct 16, 2023
Updated: Oct 20, 2023

Summary

CVE-2023-21414 is a cyber vulnerability discovered during an annual internal penetration test conducted by NCC Group for Axis Communications. The flaw affects the protection for device tampering, known as Secure Boot, and allows for a sophisticated attack to bypass this protection. Multiple products are affected, including AXIS OS versions, and Axis has released patched versions to address the vulnerability. The risk score of this vulnerability is 25, with a base severity of medium. The potential danger it poses to organizations is high, with a physical attack vector and high impact on confidentiality and integrity.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-21414 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options