CVE-2023-0347

7.5 HIGH

📋 TL;DR

This vulnerability allows attackers to identify Akuvox E11 devices on the Akuvox cloud by combining MAC and IP addresses. This affects organizations using Akuvox E11 devices connected to the Akuvox cloud service. The exposure could facilitate targeted attacks against specific devices.

💻 Affected Systems

Products:
  • Akuvox E11
Versions: All versions prior to patched firmware
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices connected to Akuvox cloud services

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could identify and target specific devices for further exploitation, potentially leading to unauthorized access, data exfiltration, or device compromise.

🟠 Likely Case

Attackers could map organizational device deployments, enabling reconnaissance for future attacks or facilitating targeted phishing/social engineering.

🟢 If Mitigated

With proper network segmentation and monitoring, the impact is limited to information disclosure about device presence.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires network access to observe MAC/IP combinations and access to Akuvox cloud services.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor for latest firmware

Vendor Advisory: https://www.akuvox.com/support

Restart Required: Yes

Instructions:

1. Contact Akuvox support for latest firmware.
2. Download firmware update.
3. Apply update via device management interface.
4. Reboot device.

🔧 Temporary Workarounds

Disable Cloud Connectivity

all

Prevent device from connecting to Akuvox cloud services

Configure device to use local management only

Network Segmentation

all

Isolate Akuvox devices in separate network segment

Implement VLAN segmentation
Configure firewall rules to restrict cloud access

🧯 If You Can't Patch

  • Segment Akuvox devices in isolated network with restricted internet access
  • Monitor network traffic for unusual cloud connections or reconnaissance attempts

🔍 How to Verify

Check if Vulnerable:

Check if device MAC and IP addresses are exposed in cloud communications

Check Version:

Check device web interface or management console for firmware version

Verify Fix Applied:

Verify device firmware version is updated and cloud communications no longer expose identifying information

📡 Detection & Monitoring

Log Indicators:

  • Unusual cloud connection patterns
  • Multiple device identification attempts

Network Indicators:

  • Traffic to Akuvox cloud services containing device identifiers
  • Reconnaissance patterns targeting specific MAC/IP combinations

SIEM Query:

source_ip IN (akuvox_devices) AND dest_ip IN (akuvox_cloud_ips) AND (protocol="http" OR protocol="https")
