What is CVE-2023-49897?

An OS command injection vulnerability has been identified in FXC's AE1021 and AE1021PE firmware, allowing attackers to execute arbitrary commands. Organizations should prioritize patching to mitigate risks of exploitation.

What is the severity of CVE-2023-49897?

CVE-2023-49897 has a severity rating of HIGH with a CVSS base score of 8.8.

Is CVE-2023-49897 in CISA KEV?

Yes. CVE-2023-49897 is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog. Organizations should prioritize remediation.

CVE-2023-49897 | High Vulnerability in FXC AE1021 and AE1021PE Firmware

An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and AE1021 firmware version 2.0.9 and earlier. If this vulnerability is exploited, an arbitrary OS command may be executed by an attacker who can log in to the product. This vulnerability is classified as high severity with a CVSS score of 8.8.

Risk to organizations includes unauthorized command execution, which can lead to data breaches, system manipulation, or service disruptions. Given the high severity and exploitability of this vulnerability, organizations should prioritize patching immediately.

Currently, there is no confirmed public exploit available for this vulnerability, but its potential for exploitation remains a significant concern. Organizations using affected firmware should prepare for mitigation and remediation efforts.

The vulnerability was published on December 6, 2023, and organizations should act swiftly to apply necessary updates or workarounds.

Vulnerability Details

The reported OS command injection vulnerability affects the firmware of FXC's AE1021 and AE1021PE models. The official description highlights that attackers with login access can execute arbitrary OS commands. The CVSS score of 8.8 indicates high severity, denoting significant impact on confidentiality, integrity, and availability.

The vulnerability is classified under CWE-78, which identifies it as an OS command injection issue. The attack vector is network-based, requiring low attack complexity and low privileges for exploitation.

Technical Analysis

The root cause of this vulnerability stems from insufficient input validation, allowing attackers to inject OS commands through vulnerable input fields. The attack vector is via network access, making it easily exploitable by authenticated users.

The attack complexity is low, as it does not require sophisticated techniques or extensive resources. Additionally, no user interaction is required to exploit this vulnerability, which increases the risk of widespread attacks.

This vulnerability significantly impacts confidentiality, integrity, and availability, posing a risk of unauthorized command execution that could compromise system operations and data security.

Risk & Impact Analysis

Organizations utilizing affected firmware versions face considerable risk, as attackers could potentially gain control over devices, execute arbitrary commands, and manipulate data or services. The high CVSS score reflects the critical nature of this vulnerability and the urgency for organizations to address it.

With an EPS score indicating a high likelihood of exploitation, organizations must recognize the potential for significant operational impact and prioritize remediation efforts accordingly.

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	Yes
Ransomware Use	No

Affected Versions

The vulnerability affects AE1021PE firmware version 2.0.9 and earlier, as well as AE1021 firmware version 2.0.9 and earlier. Organizations should upgrade to version 2.0.10 or later to mitigate the risk.

Mitigation & Remediation

Organizations should apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Ensure that all systems are updated to the latest firmware version to prevent exploitation of this vulnerability.

Regular security assessments, including penetration testing, should be conducted to identify similar weaknesses.

Detection Guidance

Monitor logs for unusual command execution patterns or unauthorized access attempts. Behavioral anomalies in system performance should also be tracked, as they may indicate exploitation attempts.

AppSecure Threat Intelligence Insight

This vulnerability showcases the ongoing risks associated with OS command injection flaws. Security teams must remain vigilant in their efforts to secure firmware and applications. The incident underscores the need for thorough testing and proactive security measures.

Organizations should invest in comprehensive security training for their staff to recognize potential vulnerabilities. Regularly updating and patching systems is critical for maintaining security. For in-depth understanding, security teams can refer to the penetration testing methodology guide.

Understanding these vulnerabilities can help prevent similar incidents in the future and bolster overall cybersecurity posture.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-49897: High Vulnerability in FXC AE1021 and AE1021PE Firmware