CVE-2024-47257 HIGH

CVE-2024-47257

Vendor Axis Communications Ab
Product AXIS Q6128-E PTZ Network Camera
Weakness CWE-1284
Published November 26, 2024
Last update November 29, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Florent Thiéry has found that selected Axis devices were vulnerable to handling certain ethernet frames which could lead to the Axis device becoming unavailable in the network. Axis has released patched AXIS OS versions for the highlighted flaw for products that are still under AXIS OS software support. Please refer to the Axis security advisory for more information and solution.

Key dates

02Disclosure timeline

November 26, 2024 CVE published
November 29, 2024 Record updated