CVE-2023-38433

7.5 HIGH

📋 TL;DR

Fujitsu Real-time Video Transmission Gear 'IP series' devices contain hard-coded credentials that allow remote unauthenticated attackers to initialize or reboot the products. This vulnerability affects multiple Fujitsu IP series video transmission devices with specific firmware versions, potentially disrupting video transmission services.

💻 Affected Systems

Products:
  • IP-HE950E
  • IP-HE950D
  • IP-HE900E
  • IP-HE900D
  • IP-900E
  • IP-920E
  • IP-900D
  • IP-900ⅡD
  • IP-920D
  • IP-90
  • IP-9610
Versions (inclusive):
  • IP-HE950E, IP-HE950D: V01L001 to V01L053
  • IP-HE900E: V01L001 to V01L010
  • IP-HE900D: V01L001 to V01L004
  • IP-900E, IP-920E, IP-900D, IP-900ⅡD, IP-920D: V01L001 to V02L061
  • IP-90: V01L001 to V01L013
  • IP-9610: V01L001 to V02L007
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All affected firmware versions are vulnerable by default due to hard-coded credentials.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker could repeatedly reboot devices, causing sustained denial of service and complete disruption of video transmission services.

🟠

Likely Case

Attackers reboot devices to temporarily disrupt video feeds during critical operations or events.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to isolated network segments.

🌐 Internet-Facing: HIGH - Devices exposed to the internet can be rebooted or initialized directly, without any authentication.
🏢 Internal Only: MEDIUM - Internal attackers or already-compromised systems on the same network could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only knowledge of the hard-coded credentials and network access to the device's management interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Fujitsu advisory for specific fixed versions per product

Vendor Advisory: https://www.fujitsu.com/global/products/computing/peripheral/video/download/

Restart Required: Yes

Instructions:

1. Download the latest firmware from the Fujitsu support site.
2. Back up the current configuration.
3. Apply the firmware update following the vendor instructions.
4. Verify that the update completed successfully.
5. Test video transmission functionality.

🔧 Temporary Workarounds

Network Segmentation (all platforms)

Isolate Fujitsu IP series devices in a separate VLAN with strict access controls.

Firewall Rules (Linux gateway)

Block external access to the device management interfaces (typically the HTTP/HTTPS ports). The device itself cannot run a host firewall, so these rules belong on a Linux gateway in front of it, in the FORWARD chain, and must allow the management subnet before dropping everything else; <device-ip> and <management-subnet> are placeholders for your environment.

# Allow management hosts to reach the device's web interface, then drop all other sources
iptables -A FORWARD -d <device-ip> -s <management-subnet> -p tcp -m multiport --dports 80,443 -j ACCEPT
iptables -A FORWARD -d <device-ip> -p tcp -m multiport --dports 80,443 -j DROP

🧯 If You Can't Patch

  • Place devices behind VPN with strict authentication requirements
  • Implement network monitoring for reboot/initialization attempts

🔍 How to Verify

Check if Vulnerable:

Check device firmware version via web interface or serial console and compare against affected versions list

Check Version:

Check via device web interface at http(s)://[device-ip]/ or serial console connection

Verify Fix Applied:

Confirm that the firmware version is beyond the affected ranges and test that the hard-coded credentials no longer work.
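Comparing firmware strings by eye across a fleet is error-prone (V02L000 is newer than V01L053, for instance). The following is an added inventory-triage example, not code from Fujitsu or from this advisory; it encodes the affected ranges listed above and assumes the version string format VxxLyyy seen on this page. Model names and versions in the sample inventory are constructed.

```python
import re

# Affected ranges as published in the advisory: model -> (first, last) firmware version, inclusive.
AFFECTED_RANGES = {
    "IP-HE950E": ("V01L001", "V01L053"),
    "IP-HE950D": ("V01L001", "V01L053"),
    "IP-HE900E": ("V01L001", "V01L010"),
    "IP-HE900D": ("V01L001", "V01L004"),
    "IP-900E": ("V01L001", "V02L061"),
    "IP-920E": ("V01L001", "V02L061"),
    "IP-900D": ("V01L001", "V02L061"),
    "IP-900ⅡD": ("V01L001", "V02L061"),
    "IP-920D": ("V01L001", "V02L061"),
    "IP-90": ("V01L001", "V01L013"),
    "IP-9610": ("V01L001", "V02L007"),
}

# Assumed format: 'V' + two-digit major + 'L' + three-digit level, e.g. V01L053.
_VERSION_RE = re.compile(r"^V(\d{2})L(\d{3})$")


def parse_version(version: str) -> tuple[int, int]:
    """Turn 'V01L053' into (1, 53) so that versions compare numerically, not lexically."""
    m = _VERSION_RE.match(version.strip().upper())
    if not m:
        raise ValueError(f"unrecognised firmware version format: {version!r}")
    return int(m.group(1)), int(m.group(2))


def is_affected(model: str, version: str) -> bool:
    """True if this model/firmware pair falls inside the advisory's affected range.

    Models not listed in the advisory return False. Because comparison is on
    (major, level) tuples, V02L000 correctly sorts above V01L053.
    """
    rng = AFFECTED_RANGES.get(model.strip())
    if rng is None:
        return False
    low, high = (parse_version(v) for v in rng)
    return low <= parse_version(version) <= high


def triage_inventory(records):
    """Return the (model, version) pairs from an inventory that still need patching.

    Records whose version string cannot be parsed are returned in a separate list
    so they are investigated rather than silently treated as safe.
    """
    affected, unparseable = [], []
    for model, version in records:
        try:
            if is_affected(model, version):
                affected.append((model, version))
        except ValueError:
            unparseable.append((model, version))
    return affected, unparseable


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    inventory = [
        ("IP-HE950E", "V01L053"),
        ("IP-HE950E", "V01L054"),
        ("IP-9610", "V02L000"),
        ("IP-90", "V01L014"),
        ("IP-900E", "unknown"),
    ]
    needs_patch, check_manually = triage_inventory(inventory)
    print("still affected:", needs_patch)
    print("could not parse:", check_manually)
```

Run it against an exported inventory to get a list of units that are still inside the affected ranges; anything with an unparseable version string should be checked by hand via the web interface or serial console rather than assumed fixed.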

📡 Detection & Monitoring

Log Indicators:

  • Unexpected device reboots
  • Initialization events from unknown IPs
  • Failed authentication attempts followed by successful access

Network Indicators:

  • HTTP/HTTPS requests to device management interface from unexpected sources
  • POST requests to reboot/initialize endpoints

SIEM Query:

source="fujitsu-ip-device" AND (event="reboot" OR event="initialize") AND src_ip NOT IN [allowed_management_ips]
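The SIEM query above expresses the detection as a one-liner; the following is an added example, not code from this advisory or from Fujitsu, that applies the same logic offline to log lines so the rule can be tested before it is deployed. The key=value log format, the source tag "fujitsu-ip-device", the IP addresses and the management network 10.10.0.0/24 are all constructed assumptions; the page does not describe the devices' real log format.

```python
import ipaddress
import re
from collections import Counter

# Events the advisory says an unauthenticated attacker can trigger.
MONITORED_EVENTS = {"reboot", "initialize"}

# Constructed syslog-style sample lines (timestamp, source tag, key=value fields).
# The real devices' log format is not described on the page; this is illustrative only.
SAMPLE_LOG = """\
2024-03-01T09:00:01Z fujitsu-ip-device src_ip=10.10.0.5 event=login result=success
2024-03-01T09:00:07Z fujitsu-ip-device src_ip=10.10.0.5 event=reboot result=success
2024-03-01T09:15:42Z fujitsu-ip-device src_ip=203.0.113.7 event=reboot result=success
2024-03-01T09:16:10Z fujitsu-ip-device src_ip=203.0.113.7 event=initialize result=success
2024-03-01T09:17:00Z fujitsu-ip-device src_ip=198.51.100.9 event=login result=failure
this line is not parseable
2024-03-01T09:18:30Z fujitsu-ip-device src_ip=198.51.100.9 event=reboot result=success
"""

_LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<source>\S+)\s+(?P<kv>.*)$")


def parse_line(line):
    """Split one log line into a dict of fields; returns None if the line has no recognisable shape."""
    m = _LINE_RE.match(line.strip())
    if not m:
        return None
    fields = {"ts": m.group("ts"), "source": m.group("source")}
    for key, value in re.findall(r"(\w+)=(\S+)", m.group("kv")):
        fields[key] = value
    return fields


def flag_events(log_text, allowed_networks, source="fujitsu-ip-device"):
    """Return reboot/initialize events from the given source whose src_ip is outside the allowed networks.

    This mirrors the SIEM query: source match AND event in {reboot, initialize}
    AND src_ip NOT IN allowed management networks. Records with a missing or
    malformed src_ip are flagged too, since an unattributable reboot still
    deserves a look.
    """
    nets = [ipaddress.ip_network(n) for n in allowed_networks]
    flagged = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None or rec.get("source") != source:
            continue
        if rec.get("event") not in MONITORED_EVENTS:
            continue
        try:
            ip = ipaddress.ip_address(rec.get("src_ip", ""))
        except ValueError:
            flagged.append({**rec, "reason": "missing or invalid src_ip"})
            continue
        if not any(ip in net for net in nets):
            flagged.append({**rec, "reason": "src_ip outside allowed management networks"})
    return flagged


def per_source_counts(flagged):
    """Count flagged events per source IP; repeated hits from one address suggest the sustained-reboot scenario."""
    return Counter(rec.get("src_ip", "?") for rec in flagged)


if __name__ == "__main__":
    hits = flag_events(SAMPLE_LOG, ["10.10.0.0/24"])
    for h in hits:
        print(h["ts"], h["src_ip"], h["event"], "-", h["reason"])
    print("per source:", dict(per_source_counts(hits)))
```

In the constructed sample the reboot from 10.10.0.5 is legitimate management traffic and is not flagged, while the three reboot/initialize events from addresses outside 10.10.0.0/24 are. Pointing the same allowlist at the real log feed, and alerting when one address accumulates several hits in a short window, gives a practical implementation of the "network monitoring for reboot/initialization attempts" workaround listed above.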

🔗 References
