Vulnerability Description
Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3 does not mitigate against repeated failed access attempts, which allows an attacker to gain administrative privileges.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Aiphone | Gt-Dmb-N Firmware | < 3.00 |
| Aiphone | Gt-Dmb-N | - |
| Aiphone | Gt-Dmb Firmware | < 3.00 |
| Aiphone | Gt-Dmb | - |
| Aiphone | Gt-Dmb-Lvn Firmware | < 3.00 |
| Aiphone | Gt-Dmb-Lvn | - |
| Aiphone | Gt-Db-Vn Firmware | < 2.00 |
| Aiphone | Gt-Db-Vn | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN75437943/index.htmlThird Party AdvisoryVDB Entry
- https://www.aiphone.net/Vendor Advisory
- https://jvn.jp/en/jp/JVN75437943/index.htmlThird Party AdvisoryVDB Entry
- https://www.aiphone.net/Vendor Advisory
FAQ
What is CVE-2022-40903?
CVE-2022-40903 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3 does not mitigate against repeated failed access attempts, which allows an attacker to gain administrative privileges.
How severe is CVE-2022-40903?
CVE-2022-40903 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-40903?
Check the references section above for vendor advisories and patch information. Affected products include: Aiphone Gt-Dmb-N Firmware, Aiphone Gt-Dmb-N, Aiphone Gt-Dmb Firmware, Aiphone Gt-Dmb, Aiphone Gt-Dmb-Lvn Firmware.