CVE-2023-49897 — FXC AE1021, AE1021PE OS Command Injection Vulnerability
2023-12-21 • CISA Known Exploited Vulnerability
[event] FXC AE1021 and AE1021PE contain an OS command injection vulnerability that allows authenticated users to execute commands via a network.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | FXC |
| Product | AE1021, AE1021PE |
| CWE | CWE-78 |
| CVE ID | CVE-2023-49897 |
| Date Added | 2023-12-21 |
| Due Date | 2024-01-11 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Due Date: 2024-01-11