OTPulse

Akuvox E11

Act Now | CVSS 9.8 | ICS-CERT ICSA-23-068-01 | Mar 29, 2023
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Akuvox E11 intercoms contain multiple critical vulnerabilities in authentication, encryption, and access control (CWE-287, CWE-798, CWE-862, CWE-284, and others). Successful exploitation grants full administrative control and access to sensitive information. All versions are affected, and the vendor has not yet released a patch. No known public exploits exist at this time.

What this means
What could happen
An attacker could gain full administrative control of the Akuvox E11 intercom device and access sensitive information, potentially allowing surveillance or disruption of facility access control and communication systems.
Who's at risk
Facilities that use Akuvox E11 intercoms for access control, visitor screening, or internal communication should be concerned. This includes water treatment plants, electrical substations, wastewater facilities, and municipal buildings with secured entry points where the E11 controls or monitors access.
How it could be exploited
An attacker on the network could exploit one or more of the authentication, encryption, or access control weaknesses (CWE-287, CWE-798, CWE-862) in the E11 to bypass security controls and gain administrative access without valid credentials. No specific public exploit is known, but the CVSS 9.8 rating and multiple critical CWEs indicate the attack is straightforward and does not require special privileges or user interaction.
Prerequisites
  • Network access to the E11 device (can be from internal network or internet if device is internet-exposed)
  • No valid credentials required
  • Remotely exploitable
  • No authentication required
  • Low complexity attack
  • No patch available
  • High CVSS score (9.8)
  • Affects facility access control and monitoring
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
Product | Affected Versions | Fix Status
E11: All versions | All versions | No fix (EOL)
Remediation & Mitigation
Do now
  • WORKAROUND: Disconnect Akuvox E11 devices from the internet immediately until vendor provides a patch
  • WORKAROUND: If disconnection from internet is not possible, disable video recording on the device to reduce sensitive data exposure risk
  • HARDENING: Place E11 devices behind a firewall and isolate from business network; restrict network access to authorized personnel only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HARDENING: If remote access to E11 is required, use a VPN with current security updates and restrict VPN access to authorized engineering staff only
  • HARDENING: Monitor for suspicious administrative access or configuration changes on E11 devices; log all access attempts
  • HOTFIX: Contact Akuvox for vulnerability details and patch availability status
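
One way to check the isolation and monitoring items above against firewall flow logs, as an added example that is not part of the advisory or any Akuvox tooling. The device addresses, VPN pool, site network, ports and the CSV log layout are all constructed assumptions to be replaced with the site's own inventory and log format.

```python
import csv
import io
from ipaddress import ip_address, ip_network

# Assumed (hypothetical) site layout; replace with the real asset inventory.
E11_DEVICES = {ip_address("10.20.30.11"), ip_address("10.20.30.12")}
ALLOWED_SOURCES = [ip_network("10.99.0.0/28")]  # engineering VPN pool
SITE_NETWORKS = [ip_network("10.0.0.0/8")]      # everything considered internal

# Constructed sample flow log: timestamp,src,dst,dport,action
SAMPLE_LOG = """\
2023-03-29T08:01:12Z,10.99.0.5,10.20.30.11,443,allow
2023-03-29T08:03:40Z,10.40.7.23,10.20.30.11,443,allow
2023-03-29T08:05:02Z,203.0.113.77,10.20.30.12,80,allow
2023-03-29T08:05:09Z,203.0.113.77,10.20.30.12,80,deny
2023-03-29T08:06:00Z,10.40.7.23,10.50.1.9,22,allow
"""

def classify(src):
    """Label a source address relative to the allowlist and site networks."""
    if any(src in net for net in ALLOWED_SOURCES):
        return "authorized"
    if any(src in net for net in SITE_NETWORKS):
        return "internal-unauthorized"
    return "external"

def review_flows(log_text):
    """Return flows to E11 devices that did not come from an allowed source."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if not row:
            continue  # tolerate blank lines in the export
        ts, src, dst, dport, action = row
        if ip_address(dst) not in E11_DEVICES:
            continue
        origin = classify(ip_address(src))
        if origin == "authorized":
            continue
        # An allowed flow means the isolation rule has a gap; a denied one
        # is still an access attempt that the advisory says to log.
        severity = "isolation-gap" if action == "allow" else "blocked-attempt"
        findings.append((ts, src, dst, int(dport), origin, severity))
    return findings

if __name__ == "__main__":
    for finding in review_flows(SAMPLE_LOG):
        print(*finding)
```
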