CVE-2024-39921

Published Sep 4, 2024
·
Updated

Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112. If this vulnerability is exploited, some of the encrypted communication may be decrypted by an attacker who can obtain the contents of the communication.

Affected Software

54 affected components
All of the following
Fujitsu Ipcom Ve2 Ls 100 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls 100
All of the following
Fujitsu Ipcom Ve2 Ls 200 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls 200
All of the following
Fujitsu Ipcom Ve2 Ls 220 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls 220
All of the following
Fujitsu Ipcom Ve2 Ls Plus 100 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls Plus 100
All of the following
Fujitsu Ipcom Ve2 Ls Plus 200 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls Plus 200
All of the following
Fujitsu Ipcom Ve2 Ls Plus 220 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls Plus 220
All of the following
Fujitsu Ipcom Ve2 Ls Plus2 200 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls Plus2 200
All of the following
Fujitsu Ipcom Ve2 Ls Plus2 220 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Ls Plus2 220
All of the following
Fujitsu Ipcom Ve2 Sc Plus 100 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Sc Plus 100
All of the following
Fujitsu Ipcom Ve2 Sc Plus 200 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Sc Plus 200
All of the following
Fujitsu Ipcom Ve2 Sc Plus 220 Firmware>=v01l04nf0001<=v01l06nf0112
Fujitsu Ipcom Ve2 Sc Plus 220
All of the following
Any of the following
Fujitsu Ipcom Ex2 In 3200 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 In 3200 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 In 3200 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 In 3200
All of the following
Any of the following
Fujitsu Ipcom Ex2 In 3500 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 In 3500 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 In 3500 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 In 3500
All of the following
Any of the following
Fujitsu Ipcom Ex2 Lb 3200 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 Lb 3200 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 Lb 3200 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 Lb 3200
All of the following
Any of the following
Fujitsu Ipcom Ex2 Lb 3500 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 Lb 3500 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 Lb 3500 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 Lb 3500
All of the following
Any of the following
Fujitsu Ipcom Ex2 Sc 3200 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 Sc 3200 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 Sc 3200 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 Sc 3200
All of the following
Any of the following
Fujitsu Ipcom Ex2 Sc 3500 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 Sc 3500 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 Sc 3500 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 Sc 3500
All of the following
Any of the following
Fujitsu Ipcom Ex2 Dc 3200 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 Dc 3200 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 Dc 3200 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 Dc 3200
All of the following
Any of the following
Fujitsu Ipcom Ex2 Dc 3500 Firmware>=v01l02nf0001<=v01l06nf0401
Fujitsu Ipcom Ex2 Dc 3500 Firmware>=v01l20nf0001<=v01l20nf0401
Fujitsu Ipcom Ex2 Dc 3500 Firmware>=v02l20nf0001<=v02l21nf0301
Fujitsu Ipcom Ex2 Dc 3500

Event History

Sep 4, 2024
CVE Published
via MITRE·01:51 AM
Data Sourced
via MITRE·01:51 AM
DescriptionWeakness
Data Sourced
via NVD·03:15 AM
Description
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2024-39921?

CVE-2024-39921 is classified as a medium-severity vulnerability affecting multiple Fujitsu IPCOM firmware versions.

2

How do I fix CVE-2024-39921?

To fix CVE-2024-39921, update the affected IPCOM EX2 and VE2 firmware to the latest recommended version provided by Fujitsu.

3

What systems are affected by CVE-2024-39921?

CVE-2024-39921 affects Fujitsu IPCOM EX2 and VE2 series devices with specific firmware versions ranging from V01L02NF0001 to V01L06NF0401.

4

What kind of vulnerability is CVE-2024-39921?

CVE-2024-39921 is an observable timing discrepancy issue that could lead to potential decryption of encrypted communications.

5

Is there a workaround for CVE-2024-39921?

There are no known workarounds for CVE-2024-39921; the recommended action is to apply the firmware update to mitigate the vulnerability.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203