tagline: Confidence in the Connected World
CIS Logo
HomeResourcesAdvisoriesA Vulnerability in Vanderbilt Industries Siemens IP CCTV Cameras Could Allow for Administrative Credentials Disclosure

A Vulnerability in Vanderbilt Industries Siemens IP CCTV Cameras Could Allow for Administrative Credentials Disclosure

MS-ISAC ADVISORY NUMBER:

2016-175

DATE(S) ISSUED:

11/21/2016

OVERVIEW:

A vulnerability has been discovered in Vanderbilt Industries Siemens IP CCTV cameras that could allow for administrative credentials disclosure. The SIEMENS-branded IP-based CCTV cameras portfolio includes a range of megapixel cameras in various configuration and mounting options. According to Vanderbilt, these products are deployed across several sectors including commercial facilities, healthcare and public health, and government facilities. Vanderbilt estimates that these products are used worldwide. Successful exploitation of this vulnerability could allow an attacker to retrieve the administrative credentials for the affected device. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

THREAT INTELLIGENCE:

There are currently no reports of these vulnerabilities being exploited in the wild.

SYSTEMS AFFECTED:

  • CCMW3025: All versions prior to 1.41_SP18_S1
  • CVMW3025-IR: All versions prior to 1.41_SP18_S1
  • CFMW3025: All versions prior to 1.41_SP18_S1
  • CCPW3025: All versions prior to 0.1.73_S1
  • CCPW5025: All versions prior to 0.1.73_S1
  • CCMD3025-DN18: All versions prior to v1.394_S1
  • CCID1445-DN18: All versions prior to v2635
  • CCID1445-DN28: All versions prior to v2635
  • CCID1445-DN36: All versions prior to v2635
  • CFIS1425: All versions prior to v2635
  • CCIS1425: All versions prior to v2635
  • CFMS2025: All versions prior to v2635
  • CCMS2025: All versions prior to v2635
  • CVMS2025-IR: All versions prior to v2635
  • CFMW1025: All versions prior to v2635
  • CCMW1025: All versions prior to v2635

RISK:

Goverment:
  • Large and medium government entities: HIGH
  • Small government entities: HIGH
Businesses:
  • Large and medium business entities: HIGH
  • Small business entities: HIGH
Home Users:
N/A

TECHNICAL SUMMARY:

A vulnerability has been discovered in Vanderbilt Industries Siemens IP CCTV Cameras that could allow for administrative credentials disclosure. The vulnerability can be exploited when an attacker sends specially crafted requests to the camera’s web server.

Successful exploitation of this vulnerability could allow an attacker to retrieve the administrative credentials for the affected device. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

RECOMENDATIONS:

We recommend the following actions be taken:

Install the updates provided by Siemens immediately after appropriate testing.
Until patches can be applied, restricting access to the integrated web server with appropriate mechanisms is recommended.
Operate the devices within trusted network
Enable authentication on the web server
Apply the Principle of Least Privilege to all systems and services.

REFERENCES:

Siemens Security Advisory by Siemens Product CERT:
http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-284765.pdf
CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5298 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5299 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8635 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9061 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9062 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9064 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9065 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9066 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9068 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9069 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9070 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9072 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9073 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9075 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9077

Get Email Updates When Cyber Threats Like This Arise

Arrow Subscribe to Advisories

Protect Your Systems from Cyber Threats Like This

CIS Controls That Help Avoid This Issue Arrow CIS Control 1: Inventory of Authorized and Unauthorized Devices Arrow CIS Control 4: Continuous Vulnerability Assessment and Remediation