{"id":122082,"date":"2024-05-15T14:56:42","date_gmt":"2024-05-15T14:56:42","guid":{"rendered":"https:\/\/bas-ip.com\/?page_id=122082"},"modified":"2024-11-05T10:33:06","modified_gmt":"2024-11-05T10:33:06","slug":"bsa-000001","status":"publish","type":"page","link":"https:\/\/bas-ip.com\/hu\/bsa-000001\/","title":{"rendered":"BSA-000001"},"content":{"rendered":"<h2 class=\"wp-block-heading\" id=\"bsa-000001\">Overview<\/h2>\n\n\n\n<p>An issue has been discovered in several BAS-IP intercom devices. By accessing the device's web interface or API, an attacker can obtain the passwords for the device's RTSP server and SIP account.<\/p>\n\n\n\n<p>BAS-IP rates these vulnerabilities as medium and recommends that customers update the affected BAS-IP models to the latest firmware version.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"risk-assessment\">Risk assessment<\/h2>\n\n\n\n<p>A potential attacker needs network access to the device in order to exploit the vulnerabilities. The attacker needs credentials in order to successfully compromise the device. The risk depends on how exposed the device is. Internet-facing devices (e.g. through router port forwarding) are at high risk. 
Products deployed on a protected local network are at lower risk.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"risk-mitigation\">Risk mitigation<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Updating the affected models to the latest firmware is strongly recommended.<\/li>\n\n\n\n<li>Exposing the devices directly to the internet (port forwarding) is not recommended.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"affected-models-and-patched-firmware\">Affected models and patched firmware<\/h2>\n\n\n\n<p>List of affected models:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AV-01D<\/li>\n\n\n\n<li>AV-01MD<\/li>\n\n\n\n<li>AV-01MFD<\/li>\n\n\n\n<li>AV-01ED<\/li>\n\n\n\n<li>AV-01KD<\/li>\n\n\n\n<li>AV-01BD<\/li>\n\n\n\n<li>AV-01KBD<\/li>\n\n\n\n<li>AV-02D<\/li>\n\n\n\n<li>AV-02IDE<\/li>\n\n\n\n<li>AV-02IDR<\/li>\n\n\n\n<li>AV-02IPD<\/li>\n\n\n\n<li>AV-02FDE<\/li>\n\n\n\n<li>AV-02FDR<\/li>\n\n\n\n<li>AV-03D<\/li>\n\n\n\n<li>AV-03BD<\/li>\n\n\n\n<li>AV-04AFD<\/li>\n\n\n\n<li>AV-04ASD<\/li>\n\n\n\n<li>AV-04FD<\/li>\n\n\n\n<li>AV-04SD<\/li>\n\n\n\n<li>AV-05FD<\/li>\n\n\n\n<li>AV-05SD<\/li>\n\n\n\n<li>AA-07BD<\/li>\n\n\n\n<li>AA-07BDI<\/li>\n\n\n\n<li>BA-04BD<\/li>\n\n\n\n<li>BA-04MD<\/li>\n\n\n\n<li>BA-08BD<\/li>\n\n\n\n<li>BA-08MD<\/li>\n\n\n\n<li>BA-12BD<\/li>\n\n\n\n<li>BA-12MD<\/li>\n\n\n\n<li>CR-02BD<\/li>\n<\/ul>\n\n\n\n<p>Patched firmware version:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>3.9.2<\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>Overview An issue has been discovered in several BAS-IP intercom devices. By accessing the device's web interface or API, an attacker can obtain the passwords for the device's RTSP server and SIP account. 
BAS-IP rates these vulnerabilities as medium and recommends that customers update the affected BAS-IP models to the latest firmware version. Risk assessment A potential attacker needs network access to the device [&hellip;]<\/p>","protected":false},"author":3,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"inline_featured_image":false,"footnotes":""},"class_list":["post-122082","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/pages\/122082","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/comments?post=122082"}],"version-history":[{"count":1,"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/pages\/122082\/revisions"}],"predecessor-version":[{"id":122083,"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/pages\/122082\/revisions\/122083"}],"wp:attachment":[{"href":"https:\/\/bas-ip.com\/hu\/wp-json\/wp\/v2\/media?parent=122082"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}