CVE-2023-49897 - FXC AE1021, AE1021PE OS Command Injection Vulnerability
Project:FXC
Product:AE1021, AE1021PE
Date Added:2023-12-21Due Date:2024-01-11
Vulnerability Name
FXC AE1021, AE1021PE OS Command Injection Vulnerability
Description
FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://www.fxc.jp/news/20231206
https://nvd.nist.gov/vuln/detail/CVE-2023-49897