Vulnerability Database

314,372

Total vulnerabilities in the database

CVE-2023-21414

NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.

Published: Oct 16, 2023
Updated: Nov 16, 2025
CVE: CVE-2023-21414
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWEs:

CWE-121

Affected Software
References

Software	From	Fixed in
axis / axis_os	10.11.55	10.12.206
axis / axis_os	11.0.89	11.6.94
axis / axis_os	-	11.6.94

https://www.axis.com/dam/public/45/3c/a1/cve-2023-21414pdf-en-US-412758.pdf

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo