CVE-2023-5553

Published: Nov 21, 2023Modified: Jun 10, 2025

6.8

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Affected (2)

Products: Axis: Axis Os, Axis Os 2022

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Axis Axis Os	From 10.8 to 11.7.57
Axis Axis Os 2022	Before 10.12.213

Related CWEs

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (2)

https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en-US-417789.pdf

Source: product-security@axis.com

Vendor Advisory

https://www.axis.com/dam/public/0a/66/25/cve-2023-5553-en-US-417789.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.