Axis, Pay Integrators To Fix Your Critical Defect

Author: John Honovich, Published on Jul 14, 2016

Axis should pay integrators to fix Axis' recent disclosed critical security vulnerability / defect.

There are millions of Axis cameras deployed with this defect. The risk is high as the soon to be published disclosure (July 18th) will allow attackers to take over the devices.

It falls on integrators to upgrade Axis cameras and eliminate this risk camera by camera.

Why Axis?

Axis should live up to their self proclaimed standards. Axis markets their high 'quality'. Integrators and customers pay a premium for that quality.

**** ****** *** *********** ** *******' ****** ********* ******** ******** ************* / ******.

***** *** ******** ** **** ******* ******** **** **** ******. The **** ** **** ** *** **** ** ** ********* ********** (July ****) **** ***** ********* ** **** **** *** *******.

** ***** ** *********** ** ******* **** ******* *** ********* this **** ****** ** ******.

Why ****?

**** ****** **** ** ** ***** **** ********** *********. **** markets ***** **** '*******'. *********** *** ********* *** * ******* *** **** *******.

[***************]

******, ************ ********** '*********** ****** *******':

** ********, **** ***, ** ***** *** *****, * '********' vulnerability', * *********** ****** ** ***** *******. ** **** ***** at **** *** ***** ******* ** ** ***** ****, *** broader ******** ** **** *** ***** ******* ** ** **** to ****** ******* ******* *** *** ********** ** **** *********** and ********* *** ***** ****** ** ****.

**** ****** **** ** ** *** ********* *** ******* ******** by ************ *********** *** ***** *** **** ** *********** **** vulnerability ** ******* ****** *** *****.

Integrator *****

*** ***** *** *********** *** ** ***********:

****, ** *** ****, ********* **** ******* **-**** ******, ********* customers *** ***** **** *** ** *** ****.
*** ********** *** **** ** ******* *** ************* ** *** ******** which **** ********* **** ** ***** ********* *****.
**** ****** **** ******* ******* ***** ********, **** ********* **** *** want ******** ******* ***** ******* ** **** **** *** * *** minutes *** *** ******* ********** ***** **** ***** ** ********* up ********.
***** *********, *** ********** **** **** ** ****** **** *** cameras ******** ** ****, ***** **** **** **** **** *** if *** ******* **** ** ********* ***** ** * *********** problem.

* ********** ******* ******* **** **** ** *********** ***** ** $200 *** ****. ** ******, ***** **** ** ********** ** time *** ****** *** * **** ***** *** **** ** hour ** **** ***** **** ** **** *****.

Vote: ****** **** ***?

Comments (47)

Brian Karas

IPVM | 07/14/16 12:13pm

***'* **** ******* ****** ** ** ***** "**** ********** *********"? ** ***** **** **** *** *** ***** scramble-the-techs *************** *** ******** ******** **** *** ******** ** ***** competitors. ****** ** ****** **** ** ******* * ******** ******* I ***** *** **** **** *** ******* ***** ***** ** it ******* ** ****.

********** ** *** *** ** **** *** *** *** **** following ***** ***** ******** ***** (**** ************* ********* ***** ********), ***** ********** ******* ** ******* ******* **** *** *** beyond "****" ** "***** ******" ***********.

** *** **** ******** ********/********** **** ******* *** *********** ** exploit ***** ************. ************* ********* *** **** ****** ** ** internally-executed *******, ** * *********** *** ****** ***** **** ** launch ** ****** ******* *** ******. **** ** ***** *** scenarios **** ******* ****, ** *** **********, ****** ****** ** seen ** ****** ***.

***** *** ***** ** ***-*********** ******** ******, * ** *** think **** ** * ********* ***********. ********* *** *********** **** to ********** **** ******* *** **** ** **** ** ********* update **** ** *** ** **** ********* **** *** **** of *** *******, *** *** ******* *** ******** ***** ****** accordingly.

***, ** **** *** *** *** **** **** *** * vulnerability **** **** ** * ****, * ***** ***** **** they *** *********** **** ******** ** ******* ***** *******.

****-*******, ********* **** **** *** *** *********** *** **** ** offer *******/********* ******* ******** ** ***** *********. ******* *** ****** savvy *********** *** *** ****' ******** **** ** * *** revenue ****** *** **********.

John Honovich

IPVM | In reply to Brian Karas | 07/14/16 12:26pm

***'* **** ******* ****** ** ** ***** "**** ********** *********"?

** ******* **** ** *** ***** ********* ** ** *** how ** ******** ** ***** ***********.

** ***** **** **** *** *** ***** ********-***-***** *************** *** critical ******** **** *** ******** ** ***** ***********.

* ** *** ***** **** ** ***** *** ** **** does *** ****** ** **** *** ******* ********** ** *** that **** *********** (********* *******).

**** **** ** *********. **** ******* ** - ***% **** than *** ********** **** ***** ** *********. **** ****** ** differentiate ** **** ****** ****** **** '*******'.

** **, ****'* **** ***-**** ** ****** ****** / *********. You ** ** ***-****, ***-**** ***** ** *****, *** ****** you *** ** ******* **'* ***-****, ******** *** ******, ********* service, ***. *** **** ****** ****** **** ****** ****** / Nordstrom *** *** *********** ** * ***** **** **** ** that ***** ******* *** **** **** ** ***** ***** ******* and ***** *** ***** **** ** ***** ********.

* ** *** ***** ********* ** **** *** ** **** **** ***** ****** ** remain ********* *** **** *** ****** * ******* *** ****, Axis ****** *** ****** *********** **** ** ** ********** ** justifying *** ********* ******* *** **** ********.

Brian Karas

IPVM | In reply to John Honovich | 07/14/16 09:34pm

* ***** ** ** ***** ******* ** **** **** **** this ***** ******* ** *** **** **** ***** **** *** be ****** **** ** ****** *******, **** *** **** **** at ****** *********, ** * *****.

**** ************* ** ********* **** ******* ** ** ******** ********* to ******* **** (** **** **** ***** **** ***** ** in ******* *******, ** ** ***** **** **** *****/********* **** sooner).

** **** *** ********* **** ****** *** ****** ** **** being * ******, **** * *** **** ****** *** **** to ***** *** **** *** ******** ** *** **** *** a ***** ******, * ***** **** **** **** *** *** deliver ** ***** ******** ** ******** * ******** *******.

*** **** ** *** **** ** ************* **** ****** ***** network ****** ***** *** *********** ** *** **** ** *******, and ** ** *** ** ** *** *********** ** **** any ****** **** **** ******** ********* ** *** ****-**** ********. This *** ********* *****, ** ******* ***** *** ** ****** upon ** ****** ***** *** ******** (*** ** ****** **********) we ***** *** **** ********* (**** ******* ***** *** *** simplicity *****).

***** ***** **** ******** ****** ******* ***** ******** ** ****** this *************, *** **** **** *** ** * ******** ******** are ***** **** **** **** ** ** ******* **** ******* security ** *******. *** **** ******** **** * ** *** think **** ** ****** ** ***** **** ***** **** ****** be ****** ***********. **** *********** ** *******, ********* **, ***** it, *** **** **** ********** ***** *************** ** ***** ***** security ***** **** **** ** ******** *** ****** ** ********** like ****.

Ari Erenthal

Chesapeake & Midlantic | 07/14/16 12:49pm

** *** **** ************* ** **** *************** ******? ******* ****'* how *** *** ************* ** **** *************** ******.

John Honovich

IPVM | In reply to Ari Erenthal | 07/14/16 12:53pm

**** *** ** ****** ** **** **** '******'. *** ********** is ********* **** ** * **** ***** ******************** **********.

Ari Erenthal

Chesapeake & Midlantic | In reply to John Honovich | 07/14/16 01:11pm

**** ***'* **** **** *** ******, *** **** *** **** the **** *** ******.

** *** **** ** ********* *** * ************ ** ***** fault *** ******* * *****, ****'** **** ** ** **** forced **.

**** ******** ****, ****** ** ******** ******* ******? *** ****** once ****'** *** *** ********* **** ****'** *** *** ** install **?

John Honovich

IPVM | In reply to Ari Erenthal | 07/14/16 01:24pm

**** ******** ****, ****** ** ******** ******* ******? *** ****** once ****'** *** *** ********* **** ****'** *** *** ** install **?

******* *** ******* ******** ******* ** *********** **** ******** (*.*., slightly ****** ***) ** ***** *** ***** (*** ***** **** browser * *** ***** ******* *).

**** ******** ******* ** ** **** ********* **** ******* **** access *** ****** ******* ** **** *******. *** ******** ** this ** *** ****** *** ******* ******** *******.

** ************* ******* ****** ** ************* ********.

John Bazyk

IPVMU Certified | 07/14/16 01:05pm

** **** **** * ********* *** ****, "** ********* **** vulnerabilities." **** ***, **** ****** *** *********** ** *** *** issue, ******* "**** ***************" *** **********. ** **** ****'* **** a ********* ******* ** ****, **** **** *******'* **** ** or ** ******** ** ** ***** ********. ** **********, ** assume ******* *****, ***** ** ** *** **** ** ******** risk ** ********** ******* ******** *** ****** **** ******. ********* things ****** *** ** **** ** **** **** **.

***** **** ** ** ***, ***** ********* ****** *** **** fuel ** ****** ****. ** **** **** *****, **** ***** take ******* ************** *** ***** ** ****.

******** ** *********, * ****** * $*,*** **** ***** * couple ** ***** ***. **** ** *** *** *** **** didn't *** ** *******. * **** **** *** *** ******** for ******* ****. * **** *** ***** ********** **** ********, and ** *** *** *******, *** *** ******* ***** ** to ***** *** **** ****. **** ******** ** ****** **** and **** *** **** **** (** *** **** **** *** a ****). ***** **** * **** ***** **** ** $$$ at *********.

John Honovich

IPVM | In reply to John Bazyk | 07/14/16 01:17pm

***** **** ** ** ***, ***** ********* ****** *** **** fuel ** ****** ****.

* *****. ****'* *** * ***** ****** *********** **** ***** reduce **** **** *** **** *********** **** **** ********* *** likely ** ***** **** **** ****, **** *** *** **** Nordstrom.

Richard Friend

In reply to John Honovich | 07/14/16 03:47pm

*** ********* ** *** ********* ****** ** **** ******** $***/**** to *********** ********? ***** ** ********** ****** *** **** ******* in ****?

*********** *** ************* **********. ***** **** ** ***** **** * Pandora's *** ** ****** **** **** *********** ********* ******* ********* and ***** **** *** $*** *** ****** **** ***** ** the ***'* ** ****'* ** ******* **** ******* **** ************. Or ******* * *** ** ***** *** **** **** ******* sites... *** **** ** *** ***** ***** ** ******* ***** service ********** ***** *** ******* ******* *********** ** */* ********.

John Honovich

IPVM | In reply to Richard Friend | 07/14/16 04:44pm

*** ********* ** *** ********* ****** ** **** ******** $***/**** to *********** ********?

***'* *** ***** *** ***,*** ***** **** **** ******* (**** to *** * ***** ******). ** $*** *** ****, ****'* $20 ******* *****, ******** ** **** ~$*** ******* *******. ** a *** *** **********. ****, *** ***** ******* **** **** not *******, **** **** ****** ******* *******, *** ***, *** want ** ***** *** **** ******* **** ****, ***.

***** **** ** ***** **** * *******'* *** ** ****** with **** *********** ********* ******* ********* *** ***** **** *** $200 *** ****** **** ***** ** *** ***'* ** ****'* of ******* **** ******* **** ************.

* *****. ****'* *** * ****** ** ** ** ******* payment. ** *** **** ** ********* ******* *** ** ****** or **** ** *******, ***. ** ***** ** * *** more *****.

*** **** ** *** ***** ***** ** ******* ***** ******* agreements ***** *** ******* ******* *********** ** */* ********.

**** ** *** ********** *** * ******* *********, ** ***** costs **** ***** ** ** *** *******, ***** ***** ** unnecessary ** **** ****** *** *** *****.

Richard Friend

In reply to John Honovich | 07/14/16 05:10pm

*** ********** *******'* ** ****** ******* ****** *** ******* ******: this ***** **** ******** *** ***** ****** **** *** $*** profit ** * **** ****** ***. **** ********** *** ****** painful.

John Honovich

IPVM | In reply to Richard Friend | 07/14/16 05:17pm

**** **** ********* ****** *** ~$*** ******* ***, ** * fraction ** ***** ****** ******.

***** ***** ** **** ***, ******, ** **** ***** ** and ***** ***** ******** *****, *** **** ******* *** ******* will **** **** ***** *******? *** **** **** ******** *** on *** ***** ** ******* **** *** ***** **** ************ and **** *** **** ** *** **** ****** ** ******?

Richard Friend

In reply to John Honovich | 07/14/16 05:29pm

** - *** ****'* * *** ********** - *** **** impact *** ** *** ****** ** $*** **** ****'* * pretty ******** ****** ** $**** ******, *** ****'* ********* * goodwill *******. ***** **'* **** ** **** *** *** ********* fraction ** ****** ***** ** ** ********* **** ** *** decision.

* ********** **** *********** *** *** ****** ********** *** ********, I **** ***'* *** ** ***** *********** ******** *** **** to *********. *'* **** ** ********* ** ****** ******** ** defecting ** * ***** **** *********** **** ****** ** * token ******* ** ******* $*** *** ****: **** ***** ** saving **** (** ****) *** ****** *******. ***** ** ***** hold *** *** **** ***********.

John Honovich

IPVM | In reply to Richard Friend | 07/14/16 05:49pm

* **** ***'* *** ** ***** *********** ******** *** **** to *********.

* ***** **** *** ***** ****. * ****** ****** ***** that **** **** ********* * **** ****** **** ****.

** ******** **** ** ** **** ********* / ********** / 'thought **********' **** ********** *********** ** *** **** *** **** form ** ****** / **** *** ********* **** ** ** something.

** **** ** ***, *** ********* *** *** **** ****** as ******* ***** *****.

Eddie Perry

07/14/16 01:29pm

* ** **** ** *** ***** "***** **** *** ************** start *** ***" ***** **** ******* ** **** ******* ************* and ** ** ** **** **** *** *****/*********** ************** ** take **** ** *** *********** ** *** ******.

***** ********** ******* **** ******, **'*, ********* *** *********** ******* in ***** ** ***** ********** ******* *** ** ******** **** products **** ***** ********** ************. **** *** ** **** **** also **** *** *********** ********* **** ******** ** **** ** recalls. ***** ******* *** **** ******* ******** *********** *** *** need ** * ******* *** *** ****** ****** *** *** camera. **** *** *** ***** ******** ** ***** **** *** need ** ****** ** **** ***** ************* ****** **** **** model.

**** ******** ** ** **** * ****** ****** ** ******** these ******** ** *** ************ *** **** *** ****** ****** hey *** **** ** ******* *** ******** *** **** ** how. **** **** *** ** *** ********* ** *** ***** and *** *** ************. **** ***** **** ** **** *** relations **** *********** ****** ** ** **** **** *** ** service ***** *** **** **** **** ** **** ****** ** later ****** **** *** *** ****** *** ***********.

** ** * **** ***** ** ** ****'* *** ** chase **** ****** *** *** **** **** **** *** ****** is ******** *************, *** * **** *** ** **** **** says:

"**** ** ********* ** ********* **** ******* ********, *******-**** ********* and ****** ******* ** ***** ***** ** ******** *********** ****** service ******** ********* *** *******-******** ********** **** *** ************ *** use ** *** ********"

**** **** **** ** **** ** **** * ****** *** to ** **** **** *** ********

John Honovich

IPVM | In reply to Eddie Perry | 07/14/16 01:33pm

*****, **** ********.

*** *******, **** ***** ** ********* ******** ****:

Undisclosed Integrator #1

07/14/16 02:44pm

** **** ****** *** *** ***** **** ** ** *****?

John Honovich

IPVM | In reply to Undisclosed Integrator #1 | 07/14/16 03:01pm

** *** *** *** * ****** *** ***** ** * recall, **********.

**** ** *** ****** ********** ** * *** ****** / recall.

Brian Rhodes

IPVMU Certified | In reply to Undisclosed Integrator #1 | 07/14/16 03:04pm

*** **** ****** ******* ***'* ****** **** ******* *************.

** **** ****** ***** ***** ****, **** *** **.

** **** ******* * **** **** ** ****** ***/** ***** result ** *******, ******, ** ***** **** *** *** *** repair ***** ******** ******.

** *** **** ***, * ******** ******** ************* ** *** normal '**** *** ****', *** * ***'* ***** *** ***** is ********* ** *** ** *** **.

Brian Karas

IPVM | In reply to Undisclosed Integrator #1 | 07/14/16 03:13pm

** * ******* *** * ******/******, *** ************ ***** ** under ******** ******* ****. *********, **** *** ******** **** ******** update *** ****.

****, **** *** *** *** ***** *** ***** **** ** come **** *** ********** *** **** *** *** *** ** be ********. **** ** **** ***'* **** **** ********** *****, requiring *** ***** ** *********** **** **** *** ** **** to **** **** *** ******.

** *** *** *****, *** ***** *** * **** ****** car, ** ***** *** ********** **** **** *** *** *** pick *** ** **** *** **** ** ********, *** *** still ***** ***** ** *** **** ** **** **** *** inconvenience.

* ******* ******* **** ***** **** **** *** *** ******* in ** "*******" ******* ******.

Brian Rhodes

IPVMU Certified | In reply to Brian Karas | 07/14/16 03:17pm

*** *** ******* **** *** *** **** ** ** *********.

**** ***'* **** **** *** * *** ** ********** **** parts *** **** * '****' **** **** **.

Richard Friend

In reply to Brian Rhodes | 07/14/16 03:35pm

** *** ******* ******* **** *** ******* ******, ***** **** not **** **** ******** ** ******* *** ******** **** ** charge, ******** **** *** ******* **** ******** ******* ** ** your ******* **** ********?

Luis Carmona

IPVMU Certified | In reply to Brian Karas | 07/14/16 05:01pm

"****, **** *** *** *** ***** *** ***** **** ** come **** *** ********** *** **** *** *** *** ** be ********. **** ** **** ***'* **** **** ********** *****, requiring *** ***** ** *********** **** **** *** ** **** to **** **** *** ******."

**** ** * ***** ***** * *** ******** ******** ** posting ****** ***** *. *** ***** *. (*&*) ****** ** on **.

***** "****** ***" ************* ****** ******** * ******** ****** ** automatically ******** *** ******* ******** *******, ****** **** ****' ******* or **** ** ******** ******** *** ********* **** **. **** way ******** ****** *******, ***** *** **** ** **** **** network ****** ******* *** *** ******* ****** *** *******.

John Honovich

IPVM | In reply to Luis Carmona | 07/15/16 12:34am

** *** ******* ** *** **** *******, *** *********** *** the ********** ** *******, *** *****. ** *** ******* **** to ** *** ****** **** *** ****?

********** **** ********* ****** **** ******:

*** ***** ******* **** *** ******* ** *** ******* ** fix ******** ***** *** ********** ** *** ******* *** *** service.

John Scanlan

IPVM | IPVMU Certified | In reply to Undisclosed Integrator #1 | 07/15/16 07:49pm

**** *** ******* ** ********************* ***** *** ********.

Luis Carmona

IPVMU Certified | In reply to John Scanlan | 07/15/16 08:48pm

**** ****'** **** ****** ** ** $*,*** ***** *** ***** and ***-******* **** **.

******* ******* *** ********* ******** ************* *****

**** **** ******* ******* ******** ** * ** * ******* being **** *** ******* ********, *** * **** **** **** in ***** *******, ***.

Eddie Perry

07/14/16 03:59pm

* ***** *** **** ** ***** **** ** ** ** to *** "*********** **** ******* *****"

** *** **** * ****** ** *** *** ** ***** a ******** ******* **** *** *** ** ***** ****** "*** you **** ** ******* **** ******** ** ** *** *** liable *** ******** *** ******.

**** **** ***** ***** *** ******** ** ****

*)** ** ***** *** *** * ****** ** ***

*) ***** ** * **** ** ***** ** *** ****** or ****** **** **** " ** *** **** ******** ** to ***** ******** *************** *** **** ** ******** *** ******** and ******* *********.

*) ******** ****** **** #* *** **** *** ******** *** is *** ** ** ***** **** *** ******** **** *** come *** ** *****'* *** ******* ************** *** **** **** may ******.

*)************* *** ******* *** *********** ****** ****** **** **** * damn ***** *** *** ****/*****, *** **** *** ***** ** better **** *** *** ***** *************.

**** ****** ** * *** ** **** ****'* ** *** who ** *********** *** **** *********. ************ **** ** **** take **** ** ***** ** **** ** *** ********* **** rules. ***** **** ***** ******* **** ************ *** ***** *****..... hopefully.

Undisclosed #2

07/14/16 04:20pm

****** **** *** ***** *** *** *********** *** **** ******* downloaded *** ****** ********, *********** ******** **** ***** ***** ***** problem?

*** ***: **** *** ******** *** **** ** ****** **** camera,MAKE **** ** ***** ** ******* ******** before upgrading the firmware. Although not mentioned by Axis, once the vulnerability is disclosed and script-kiddies probe every known Axis camera on the web, there may be nothing stopping them from making the firmware webpage non-functional except to change what is SAYS is the version.

********* ** ******* ********, ***** *** **** ******, ***** * better ****** ** *********** *** ********* ******* *****. ****** ** should ** ***** **** **** *** ****** *** **** ******, even *** ******** ********* *** ** *********, ***** ****'* ******** to ** ********* ** *** ***** ****.

Undisclosed #2

07/14/16 05:28pm

****'* *****, **** ****** **** ** *** ******** *******, ** any ********, **** ****** *** *******'* **** *** ***** ** installing * *****?

** ***, *** ** ** ***** **** **** ** *** first?

Undisclosed #3

In reply to Undisclosed #2 | 07/14/16 07:03pm

* **** *********** ****** ************* *** *** **** ** ****** their ******** ******* ***** ************. ******* ** ** ****** ******* we ********* ******* ***** ******** *** ****, *** **** ********** manufacturer *** ******* *** ***** ***** ** **** *********. **'* not ****.

Undisclosed #2

In reply to Undisclosed #3 | 07/14/16 07:08pm

*** *** ****** * ******** *****?

Undisclosed #3

In reply to Undisclosed #2 | 07/14/16 09:12pm

** *** ********, ***. *******, ** *** * ******** ****** that ******** *********** **** ** *** ****. *** ********* ** easy ** ******** ** ****** ** **** ****** **********.

Undisclosed #4

07/14/16 08:33pm

*** **** ** ****** **** ***** ******** *******? **** *******, for *******. *******, ****/**** *** "**********" *******/*******, ******** **** *** security *******/******* ** *****/*** ***************.

***** **** * ******** *** *** ***** ******* ** ****** Windows *************, **** *********** ** *** ***** **** ******, *** have ******* ****** *** ***** **** ** **** ** **********/************* patches/updates.

****** ********* ** *********** ********* *** ******* ***** **** ***** applying/adminstering ***** ******** ********? *** **** ** ****** **** **** situation *** ****? (*** ***** ******......)

John Honovich

IPVM | In reply to Undisclosed #4 | 07/14/16 09:09pm

****** ********* ** *********** ********* *** ******* ***** **** ***** applying/adminstering ***** ******** ********?

*** ** *** *** ****** ****:

*******, ****/**** *** "**********" *******/*******, ******** **** *** ******** *******/******* to *****/*** ***************.

*** ********** ****, ******** ** **% ** ******* ******* *** pretty **** *** ***** **** ******** ** **** **** ** for ****** **** ****** ****** **** ******* ** *** ******.

*** ***** ***** ** **********. **** *** *** ******* ** techs **-*****. ** ** ***** ************, ** ** *** ********. If ********* *** ***** ******** **** ******* *** ****** * matter ** **** ******* * ****** ** *** ********** ******* a ****** **** ***** ******, **** *** **** ***** ** trivial *** *** *******. *************, **** ** *** *** ****. Most ** ***** *** ***** ** ******* ***** ***** ** deal **** *** ******* ** ****** *** ***** ******** ********** to *** ******* **********.

Undisclosed #2

In reply to John Honovich | 07/14/16 09:11pm

**** ** ***** *** ***** ** ******* ***** ***** ** deal **** *** ******* ** ****** *** ***** ******** ********** to *** ******* **********.

** *** ****** ** *** ******** ********** **** *** ***** is *** ******.

Undisclosed Integrator #1

07/14/16 09:57pm

*** ** **** ** ******* **** **** *** ***** ** Coax ** **** ******......

John Honovich

IPVM | 07/15/16 06:39pm

**** *** ***** ********, *********** *** ************* (*** ************) **** taken ******** ***** ****.

***** **% ** *********** **** ***, **** **% ** ************* agree.

John Richardson

07/16/16 04:46am

* ** *** * *** ** ***** ************** ********.

*** ******* ******** *** *****, **** *** ***** ******** ****** holes ***** ** ****** ** ****** *** *******. ** ** is * *** ** *** **** ** ** **** ****** product *** ***** **** *** *** ****** ** ***** *****'* firmware, ***** *** ****** *** **** **** ***** ************?

* ***** **** **** ******* ****** * ******* ******** *** practically ***** ***** **** * ****** ** **** ***** ***** commitment ** ******* ********** ** * **** **** ********.

Alberto Alonso

07/18/16 09:21am

***'* ***** ** *** ********* *************. ** **** **** ** applicable ** ******* (***** *******) ******** ********** ******* *** *** (internet). *** ************* **** ** ******* ** **** ********* ***** cameras ** *** ****** ********* ******* ***** ** ************ *** free **** *** **** ****. ******** *** *** ** ** is ** ******* **** ***** ******* (********? ***, ** **** are *** ********** *****'* ** ****) *** ******* *** ********. So ***** **** **** ** **** ******** ** *** ******* rather **** ****** ** "*** ****" *****.

**** *** * **** **** ** ** **** ** * semi ********* *** (**** ****** **********) ***** *** ** ********** to ******* ******** (*********) ** ***** ** ******** ** ******* times. **** ***** ****** **** ***** ** *** ******* ************.

** *** ***** ****, **'* ********* **** *** ********** **** take **** ** *********** (**** ******** ******** ********). ***, **** is *** ** *********** ******* *** *** ********, *** ** upgrade ******.

**** ******* *** *** *** ******* ** ***** ******* ***** were ******** **** ******* ******** ** *** **** ***** **** manufacturers ***** *** ** *** ***** *** ******* *** ********?

John Honovich

IPVM | In reply to Alberto Alonso | 07/18/16 11:50am

** **** **** ** ********** ** ******* (***** *******) ******** accessible ******* *** *** (********).

**** ******* *** ********** **** *** **** ****** ****** ** the ******* **** *** **** ***** ** ** ****** ******. Secondly, * ******* ******* ** *** ***** ** ****** ***** the ******* ** **** * ******** ************* **** ******* *** cameras *** ****** * ********. ******** *** ****** *** **** someone ********** ***** **** ********* ** **** ** ****.

Undisclosed Integrator #5

07/18/16 12:22pm

* ***** ***, *** ****'* **** *******. * *****'* ****** that ** ******. *** **** ****** * ******** *** ****** it *** **** *** ***** ** *** ****** *** ****** for * * **** ***********.

Damon Hood

07/18/16 03:32pm

*** ****** **** ** **** ****** *** *********** ** ** this. * **** **** ** *** ******** **** ** ***** and * **** ***** **** ** ********** **** ****** ** do ******** ** ******** ******** ** ********.

** *** ** **** ************* ** ******** **** **** **** cameras ** *** **** ****. ** *** **** **** *** an **********. *** ** ****** ** *** *** ******** ********.

John Honovich

IPVM | In reply to Damon Hood | 07/18/16 04:51pm

* **** **** ** *** ******** **** ** ***** *** I **** ***** **** ** ********** **** ****** ** ** software ** ******** ******** ** ********.

** *** **** ****** ** ** * ******** ** ******** upgrade? * ****** ** ***** ** ** ******* **** ** support *** ** *********** *** *********** ** **** ** ** site *** ** ********.

** *** **** ******, *** ****, **** ** ****. ** the ***** ****, ** ** **** **** ** **** * critical ******** ************* ** **** *****.

Undisclosed #2

07/18/16 05:20pm

**'* *** ****, *** **** *** *** ********** *** **** time?

Undisclosed End User #6

In reply to Undisclosed #2 | 07/18/16 07:35pm

****://********.***/*******/****/***/**

Undisclosed #2

In reply to Undisclosed End User #6 | 07/18/16 07:50pm

******!

# * ***'* *** **** **** ************* *** **** **** hidden ****** ****** ** **** *******.
# * *** **** ******* ** *** * ****** ****** mistake **** **** ****, ***** * **** **** *** ******-**** of *** ***
********* ** *** ******,
# *** ******* ******-**** **** *** ****** **** **** ****, from ***-********** ** **********, ** *** ******** **** **
******().
#

Login to read this IPVM report.

Why do I need to log in?

IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports on Integrators

Avigilon 'Blue' Cloud Entry Examined on Sep 19, 2017

Avigilon is moving to the cloud. The company announced their Avigilon Blue platform, designed to be a web-managed surveillance system, utilizing...

Forgotten Password Problem Importance on Sep 15, 2017

Forgotten passwords has become a major industry topic. For example, Hikvision has been emailing admin passwords in plain text until IPVM's...

Dedicated Vs Converged IP Video Networks Statistics on Sep 12, 2017

'Convergence' has been a major industry theme for many years. All organizations have IP networks today with laptops, tablets, phones and more...

Favorite Network Termination Tools on Sep 06, 2017

Thomas Carlyle said "Man is a tool-using animal. Without tools he is nothing, with tools he is all." For security integrators, their tools are...

CNL PSIM Profile on Sep 06, 2017

CNL has been one of the strongest advocates for PSIM, as one of the earliest entrants into the market releasing their command and control software...

Low Cost, Low-End Competitors Challenge SMB Surveillance Market on Sep 01, 2017

SMB video surveillance systems are a tough market. From IPVM's new survey results of 135 integrator responses, we have identified the key...

Favorite SMB Recorder Manufacturers 2017 on Aug 28, 2017

Low cost cameras have been a major force in the small to medium business (SMB) market (as our 2015 SMB favorites and 2017 SMB camera favorites)...

Favorite SMB Camera Manufacturers 2017 on Aug 25, 2017

Small to Medium Businesses (SMB) have been hotly pursued by lower-cost entrants over the past few years. Nowhere has that been as strong a factor...

Top Used License Plate Capture Cameras on Aug 21, 2017

Capturing license plates is a common video surveillance application. But what cameras do integrators mostly commonly used? Special purpose LPC...

Cat 5e vs Cat 6 vs Cat 6a Network Cable Usage Statistics on Aug 16, 2017

Cat 5e? Cat 6? Cat 6a? What do integrators use in practice, today? 140+ integrators told IPVM. Here are the results: For those who want to...

Most Recent Industry Reports

Reseting IP Cameras - 30 Manufacturer Directory on Sep 22, 2017

Every camera has a reset button (well, almost) but it is not always clear what these buttons do, how long they need to be held, what settings they...

Genetec Launches Cloud Access Control (Synergis SaaS) on Sep 21, 2017

Genetec's cloud everything expansion continues, with their announcement of Synergis SaaS edition, joining their cloud video offering Stratocast,...

Genetec CEO Warns Against Insider Threats on Sep 21, 2017

With Dahua and Hikvision cybersecurity issues becoming indisputable, a new counter has emerged. Just put them behind a firewall, buy cheap...

New IPVM Calculator V3 Released on Sep 20, 2017

The New IPVM Calculator V3 is released. An entirely new architecture delivers the following benefits: Turbo The calculator is now ~50% faster in...

Automatic Door Operators For Access Tutorial on Sep 20, 2017

Opening and closing doors might sound simple, but it takes a high-tech piece of door hardware to pull it off. Integrating automatic door operators...

'Clowns' Allege Ubiquiti 'Completely Fraudulent' on Sep 20, 2017

A short seller has alleged Ubiquiti is 'completely fraudulent'. Ubiquiti's CEO has responded calling them 'clowns'. Here is the short...

Avigilon 'Blue' Cloud Entry Examined on Sep 19, 2017

Avigilon is moving to the cloud. The company announced their Avigilon Blue platform, designed to be a web-managed surveillance system, utilizing...

HID Buys Mercury Security on Sep 19, 2017

One of the biggest access control deals in years. Mercury Security, the most widely used access hardware OEM, and partner to 20+ manufacturers,...

Hikvision Backdoor Exploit on Sep 18, 2017

Full disclosure to the Hikvision backdoor has been released, allowing easy exploit of vulnerable Hikvision IP cameras. As the researcher, Monte...

Axis, Pay Integrators To Fix Your Critical Defect

Comments (47)

Brian Karas

John Honovich

Brian Karas

Ari Erenthal

John Honovich

Ari Erenthal

John Honovich

John Bazyk

John Honovich

Richard Friend

John Honovich

Richard Friend

John Honovich

Richard Friend

John Honovich

Eddie Perry

John Honovich

Undisclosed Integrator #1

John Honovich

Brian Rhodes

Brian Karas

Brian Rhodes

Richard Friend

Luis Carmona

John Honovich

John Scanlan

Luis Carmona

Eddie Perry

Undisclosed #2

Undisclosed #2

Undisclosed #3

Undisclosed #2

Undisclosed #3

Undisclosed #4

John Honovich

Undisclosed #2

Undisclosed Integrator #1

John Honovich

John Richardson

Alberto Alonso

John Honovich

Undisclosed Integrator #5

Damon Hood

John Honovich

Undisclosed #2

Undisclosed End User #6

Undisclosed #2

Login to read this IPVM report.

Related Reports on Integrators

Most Recent Industry Reports

Member Login