DROWN Attack Of IP Cameras?

We are in the process of remediating systems that are vulnerable to the DROWN attack, which impacts systems using SSLv2 or v3.

Most of our cameras are showing up as vulnerable on nmap scans.

Presumably a camera firmware upgrade is needed???

Is anyone else dealing with DROWN in relation to their camera systems?


With the full release of the CVE for the DROWN vulnerability (CVE-2016-0800), we are using Qualys to scan for DROWN vulnerabilities across the entire GU network.

Our initial scans focused on enterprise data centers.

I suspect we'll find 500+ cameras vulnerable with the broader scan.

William, thanks for sharing. We have not heard anything from IP camera manufacturers yet.

What camera models / manufacturers of yours are showing up as vulnerable?

> Most of our cameras are showing up as vulnerable on nmap scans.
> Presumably a camera firmware upgrade is needed???
> Is anyone else dealing with DROWN in relation to their camera systems?

This would only apply to cameras streaming over the Internet using HTTPS, yes/no?

DVRs/NVRs maybe as well.

That's correct; the vulnerability impacts cameras and recorders with Internet-facing IPs using SSLv2.

We are testing two measures to further secure video access:

  1. Add firewall rules to manage device access (camera to recording server)
  2. Add VPN role to manage person access (person to camera or recording server)
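
Added example, not part of the thread or any vendor's tooling: a minimal Python check that sends one SSLv2 CLIENT-HELLO and reports whether a camera or recorder answers in SSLv2, for re-testing after a firmware upgrade or firewall change. The message layout follows the SSLv2 specification; the function names and the `SAMPLE` reply are constructed for illustration.

```python
import socket
import struct

# SSLv2 cipher-spec codes (3 bytes each), as defined in the SSLv2 specification.
SSL2_CIPHERS = {
    0x010080: "SSL2_RC4_128_WITH_MD5",
    0x020080: "SSL2_RC4_128_EXPORT40_WITH_MD5",
    0x030080: "SSL2_RC2_128_CBC_WITH_MD5",
    0x040080: "SSL2_RC2_128_CBC_EXPORT40_WITH_MD5",
    0x050080: "SSL2_IDEA_128_CBC_WITH_MD5",
    0x060040: "SSL2_DES_64_CBC_WITH_MD5",
    0x0700C0: "SSL2_DES_192_EDE3_CBC_WITH_MD5",
}

def build_client_hello():
    """SSLv2 CLIENT-HELLO offering every cipher above (2-byte record header)."""
    specs = b"".join(code.to_bytes(3, "big") for code in SSL2_CIPHERS)
    challenge = bytes(16)  # a fixed challenge is enough for a version probe
    body = struct.pack(">BHHHH", 1, 0x0002, len(specs), 0, 16) + specs + challenge
    return struct.pack(">H", 0x8000 | len(body)) + body

def parse_server_hello(data):
    """Cipher names if data is an SSLv2 SERVER-HELLO ([] still means SSLv2), else None."""
    if len(data) < 13 or not data[0] & 0x80 or data[2] != 4:
        return None  # TLS alert, HTTP error, or nothing at all
    version, cert_len, spec_len = struct.unpack(">HHH", data[5:11])
    specs = data[13 + cert_len:13 + cert_len + spec_len]
    if version != 0x0002 or len(specs) != spec_len or spec_len % 3:
        return None  # wrong version or truncated record
    codes = [int.from_bytes(specs[i:i + 3], "big") for i in range(0, spec_len, 3)]
    return [SSL2_CIPHERS.get(c, "unknown_%06x" % c) for c in codes]

def probe(host, port=443, timeout=5.0):
    """Send one CLIENT-HELLO and parse the reply; connection errors propagate."""
    buf = b""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        try:  # read until the whole record (length is in the header) has arrived
            while len(buf) < 2 or len(buf) < 2 + (int.from_bytes(buf[:2], "big") & 0x7FFF):
                chunk = sock.recv(4096)
                if not chunk:
                    break
                buf += chunk
        except OSError:
            pass  # timeout or reset: judge whatever was received
    return parse_server_hello(buf)

# Constructed reply: dummy 4-byte certificate, two ciphers, 16-byte connection id.
SAMPLE = bytes.fromhex("80250400010002000400060010" "30820000" "0700c0010080") + bytes(16)
```

A `None` result from `probe` means the device did not answer in SSLv2 on that port; any list, including an empty one, means it did.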