Description
Aiphone GT-DMB-N 3-in-1 Video Entrance Station with NFC Reader 1.0.3 does not mitigate against repeated failed access attempts, which allows an attacker to gain administrative privileges.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry
https://jvn.jp/en/jp/JVN75437943/index.html
Vendor Advisory
https://www.aiphone.net/
Scores
CVSS v3
6.5
EPSS
0.0029
EPSS Percentile
21.0%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-307
Status
published
Products (4)
aiphone/gt-db-vn_firmware
< 2.00
aiphone/gt-dmb-lvn_firmware
< 3.00
aiphone/gt-dmb-n_firmware
< 3.00
aiphone/gt-dmb_firmware
< 3.00
Published
Nov 14, 2022
Tracked Since
Feb 18, 2026