CVE-2023-0349

7.5 HIGH

📋 TL;DR

The Akuvox E11's libvoice library has an authentication bypass vulnerability that allows unauthenticated access to camera capture functionality. Attackers can remotely view and record images/videos from affected devices. This affects Akuvox E11 devices with vulnerable libvoice library versions.

💻 Affected Systems

Products:
  • Akuvox E11
Versions: All versions with vulnerable libvoice library
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects the libvoice library component that handles camera access. Devices must have camera functionality enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete loss of visual privacy - attackers can continuously monitor camera feeds, record sensitive activities, and potentially use footage for blackmail, espionage, or physical security bypass.

🟠 Likely Case

Unauthorized surveillance of private spaces, recording of confidential meetings or personal activities, and potential data exfiltration of captured media.

🟢 If Mitigated

Limited impact if devices are isolated from untrusted networks, but still vulnerable to insider threats or compromised internal systems.

🌐 Internet-Facing: HIGH - Devices exposed to the internet can be directly exploited by any remote attacker without authentication.
🏢 Internal Only: MEDIUM - Requires internal network access, but still exploitable by malicious insiders or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

No authentication is required; exploitation takes a simple network request to the vulnerable endpoint. Likely to be weaponized due to low complexity and high impact.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check with Akuvox for specific patched versions

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01

Restart Required: Yes

Instructions:

  1. Contact Akuvox for firmware updates.
  2. Download latest firmware.
  3. Apply update via device management interface.
  4. Reboot device.
  5. Verify camera access requires authentication.

🔧 Temporary Workarounds

Network Segmentation

Isolate Akuvox E11 devices from untrusted networks and internet access

Firewall Rules

Block all inbound traffic to Akuvox E11 devices except from authorized management systems

🧯 If You Can't Patch

  • Physically disconnect or cover camera when not in use
  • Deploy network monitoring to detect unauthorized camera access attempts

🔍 How to Verify

Check if Vulnerable:

Test if camera feed can be accessed without authentication via network requests to device

Check Version:

Check device firmware version via web interface or SSH: cat /etc/version or similar

Verify Fix Applied:

Verify camera access now requires proper authentication and unauthorized requests are rejected

📡 Detection & Monitoring

Log Indicators:

  • Unauthenticated camera access attempts
  • Unusual camera activation patterns
  • Multiple failed authentication attempts followed by camera access

Network Indicators:

  • Unusual traffic to camera-related ports
  • Camera stream requests from unauthorized IPs
  • Protocol anomalies in camera access

SIEM Query:

source="akuvox" AND (event="camera_access" OR event="unauthorized_access")
