2N OS version 2.48.1 for 2N Intercoms includes the following changes

Precautions to be taken during update to FW version 2.48.x

• All 2N OS devices (except those on the original platform: IP Vario, IP Force, IP Safety, IP Solo, IP/LTE Verso, IP Base, IP Uni, IP Audio Kit, IP Video Kit, Access Unit, SIP Speaker) can no longer be downgraded below version 2.47.0 after updating.
• Devices no longer accept certificates signed with 1024-bit RSA keys. These certificates are removed during the update and must be replaced with certificates using at least 2048-bit RSA or ECC keys. Services relying on weaker certificates will stop functioning, and a warning will appear next to the certificate selection parameter in the web interface.
• In EAP-TLS mode, 802.1x no longer supports RADIUS certificates containing the `id-kp-clientAuth` Extended Key Usage. If such certificates are used, they will be rejected after the update, resulting in the device being unable to authenticate and connect to the network.

New Functions and Improvements

• IP Style now turns off the display backlight when idle to improve power efficiency. This setting can be adjusted via Hardware > Backlight > Backlight in Power Saving Mode.
• Devices can now generate Certificate Signing Requests (CSR) directly from the web interface under System > Certificates > CSR.
• All SIP accounts now support additional backup proxy and registrar servers.
• Accessibility features added to IP Style include Blind Assistance Mode and support for quick dial button modules. These can be configured under Calling > Dialing.
• The Bluetooth button on IP Style has been enlarged and centered in the navigation bar, which now shares a consistent design across both the standard and custom GUI interfaces.
• Changing the web interface password now requires entering the current password. As a result, restoring a configuration will no longer change the password. Auto Provisioning can change the password only if the current one is still set to default.
• A firewall has been added to ARTPEC-based devices: IP Style, IP Verso 2.0, IP One, Access Unit QR, and IP Force 2.0.

Essential Corrections

• Improved certificate handling.
• The visitor message on IP Style is now shown only when access is granted during a call.
• Fixed occasional camera preview outages after reboot.
• Prevented some certificates from reverting to factory defaults after a software factory reset (without selecting Network Settings), avoiding potential network disconnection.
• Enhanced stability of IP Style when streaming and displaying multiple video feeds.
• SIP unregistration now works correctly with non-RFC-compliant User Agent Servers.
• Removed certain unnecessary syslog messages.
• Improved stability of the Custom GUI on IP Style.
• Improved formatting of exported Directory CSV files.
• `/api/camera/snapshot` now properly applies the `quality` parameter when supported.
• SIP authentication passwords can now be up to 255 characters in length.
• The `UserAuthorized` Automation block now behaves correctly even for failed authorizations.
• DNS request lengths can now be up to 255 characters.
• Devices can now be integrated with Ateas VMS.
• RADIUS certificates are now validated properly in EAP-TLS/MSCHAPv2 scenarios.
• Commas in the Subject field of the `SendEmail` Automation block no longer cause the subject line to be truncated.
• Fixed device crashes caused by missing Origin fields in SDP offers.
• SRTP media is now correctly offered in the ACK response when using delayed SDP negotiation enforced via options.
• When SRTP is re-negotiated during a RE-INVITE, the newly established encryption key is now properly applied to outgoing media streams.
• Improved stability of the G.729 codec.
• Improved SMTP reliability.
• Enhanced handling of large-scale user directory operations.
• Important bug fixes.