{"id":122111,"date":"2024-05-15T14:56:42","date_gmt":"2024-05-15T14:56:42","guid":{"rendered":"https:\/\/bas-ip.com\/?page_id=122111"},"modified":"2024-11-05T10:54:09","modified_gmt":"2024-11-05T10:54:09","slug":"bsa-000001","status":"publish","type":"page","link":"https:\/\/bas-ip.com\/sv\/bsa-000001\/","title":{"rendered":"BSA-000001"},"content":{"rendered":"<h2 class=\"wp-block-heading\" id=\"bsa-000001\">\u00d6versikt<\/h2>\n\n\n\n<p>Ett problem har uppt\u00e4ckts i flera BAS-IP intercom-enheter. Genom att komma \u00e5t enhetens webbgr\u00e4nssnitt eller API kan en angripare f\u00e5 tag p\u00e5 l\u00f6senord f\u00f6r enhetens RTSP-server och SIP-konto.<\/p>\n\n\n\n<p>BAS-IP klassificerar dessa s\u00e5rbarheter som medelh\u00f6ga och rekommenderar att kunder uppgraderar ber\u00f6rda BAS-IP-modeller till den senaste firmwareversionen.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"risk-assessment\">Riskbed\u00f6mning<\/h2>\n\n\n\n<p>En potentiell motst\u00e5ndare beh\u00f6ver n\u00e4tverks\u00e5tkomst till enheten f\u00f6r att kunna utnyttja s\u00e5rbarheterna. En angripare beh\u00f6ver inloggningsuppgifter f\u00f6r att lyckas kompromettera enheten. Risken beror p\u00e5 hur exponerad enheten \u00e4r. Enheter som vetter mot Internet (t.ex. exponerade via routerns port-forward) l\u00f6per h\u00f6g risk. Produkter som distribueras i ett skyddat lokalt n\u00e4tverk l\u00f6per l\u00e4gre risk.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"risk-mitigation\">Risk mitigation<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Vi rekommenderar starkt att du uppgraderar ber\u00f6rda modeller till den senaste firmwareversionen.<\/li>\n\n\n\n<li>Det \u00e4r inte rekommenderat att exponera enheter direkt mot Internet (portforwarding).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"affected-models-and-patched-firmware\">Ber\u00f6rda modeller och patchad firmware<\/h2>\n\n\n\n<p>Ber\u00f6rda modeller lista:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AV-01D<\/li>\n\n\n\n<li>AV-01MD<\/li>\n\n\n\n<li>AV-01MFD<\/li>\n\n\n\n<li>AV-01ED<\/li>\n\n\n\n<li>AV-01KD<\/li>\n\n\n\n<li>AV-01BD<\/li>\n\n\n\n<li>AV-01KBD<\/li>\n\n\n\n<li>AV-02D<\/li>\n\n\n\n<li>AV-02IDE<\/li>\n\n\n\n<li>AV-02IDR<\/li>\n\n\n\n<li>AV-02IPD<\/li>\n\n\n\n<li>AV-02FDE<\/li>\n\n\n\n<li>AV-02FDR<\/li>\n\n\n\n<li>AV-03D<\/li>\n\n\n\n<li>AV-03BD<\/li>\n\n\n\n<li>AV-04AFD<\/li>\n\n\n\n<li>AV-04ASD<\/li>\n\n\n\n<li>AV-04FD<\/li>\n\n\n\n<li>AV-04SD<\/li>\n\n\n\n<li>AV-05FD<\/li>\n\n\n\n<li>AV-05SD<\/li>\n\n\n\n<li>AA-07BD<\/li>\n\n\n\n<li>AA-07BDI<\/li>\n\n\n\n<li>BA-04BD<\/li>\n\n\n\n<li>BA-04MD<\/li>\n\n\n\n<li>BA-08BD<\/li>\n\n\n\n<li>BA-08MD<\/li>\n\n\n\n<li>BA-12BD<\/li>\n\n\n\n<li>BA-12MD<\/li>\n\n\n\n<li>CR-02BD<\/li>\n<\/ul>\n\n\n\n<p>Patchad version av den inbyggda programvaran:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>3.9.2<\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>\u00d6versikt Ett problem har uppt\u00e4ckts i flera BAS-IP intercom-enheter. Genom att komma \u00e5t enhetens webbgr\u00e4nssnitt eller API kan en angripare f\u00e5 tag p\u00e5 l\u00f6senord f\u00f6r enhetens RTSP-server och SIP-konto. BAS-IP klassificerar dessa s\u00e5rbarheter som medelh\u00f6ga och rekommenderar att kunder uppgraderar ber\u00f6rda BAS-IP-modeller till den senaste firmwareversionen. Riskbed\u00f6mning En potentiell motst\u00e5ndare beh\u00f6ver n\u00e4tverks\u00e5tkomst till enheten f\u00f6r [&hellip;]<\/p>","protected":false},"author":3,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"inline_featured_image":false,"footnotes":""},"class_list":["post-122111","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/pages\/122111","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/comments?post=122111"}],"version-history":[{"count":1,"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/pages\/122111\/revisions"}],"predecessor-version":[{"id":122112,"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/pages\/122111\/revisions\/122112"}],"wp:attachment":[{"href":"https:\/\/bas-ip.com\/sv\/wp-json\/wp\/v2\/media?parent=122111"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}