Geovision 9.8 Critical Vulnerability From Uniview Examined
Recently the US government disclosed a critical 9.8 vulnerability in a Geovision camera, but IPVM verified that this is not truly from Geovision but OEMed from Uniview.
This undisclosed OEMing raises greater risks for more Uniview, Geovision, and other OEMs being impacted. Related: Uniview OEM Directory.
** *******, **** **, ****,**** ********* *** ******** ******** ****-**-***-*********** ******** ************** ** * ********* GV-ADR2701 ** ******, ********-**** ******** ***-****-******* *** *************.
**** ******** ** *** ******** **** it ********** * ****** ***** ** concept (***) ******** ** **** ***** Wai. ***** **** *** *** ******** the *** ** *** ********, **** found ********* ***** ** ******* (***) ** Packet *****.
Vulnerability *********
*** ************* **** ** *** *************, where ** ******** ***** ** ******* the ***** ******* *** ********* *** response**** **** *****, **** *** ***** ******** **** the ******, *** ***** **** ****** the *** ********* ** *** ******.
Proof ** ******* (***) ********
*** *** ***** ************ **** *** login *******:
{"********":"*****","********":"**]&**]]**"}
*******, *** **** ****** ******* **** the *** **** ***** *************.
*************: ***** **************************==
***** *** ****** ** ****** ******* and ******** *** ****** **** ****** reveals *** ********/******** ***********.
$ **** -** **************************== | ****** -d
*********:*********
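The decoding step above is the whole of the credential recovery: once the login response carries a Basic credential, a base64 decode yields `username:password` in the clear. The script below is an added example, not the PoC from the original page or from the researcher. It parses a raw HTTP response, checks every header (not only `Authorization`) for a Basic token, tolerates missing base64 padding, and rejects non-Basic schemes and tokens with no `username:password` separator. The response text, host, and credentials are constructed for the example; the real endpoint and the values shown on the page are not reproduced here.

```python
from __future__ import annotations

import base64
import binascii

# Constructed sample response. The header layout follows HTTP/1.1, but the
# body, the credential and everything else below are invented for this
# example and are not the values from the advisory or the page's PoC.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "Authorization: Basic YWRtaW46Y2FtZXJhMTIz\r\n"
    "Content-Length: 17\r\n"
    "\r\n"
    '{"result":"fail"}'
)


def parse_headers(raw: str) -> list[tuple[str, str]]:
    """Split a raw HTTP/1.x response into (name, value) header pairs."""
    head, _, _body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")[1:]  # drop the status line
    headers = []
    for line in lines:
        if ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.append((name.strip(), value.strip()))
    return headers


def decode_basic(value: str) -> tuple[str, str] | None:
    """Return (user, password) if `value` is a Basic credential, else None."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    token = token.strip()
    token += "=" * (-len(token) % 4)  # tolerate a token with padding stripped
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None  # not valid base64 at all
    try:
        text = raw.decode("utf-8")
    except UnicodeDecodeError:
        return None
    user, sep, password = text.partition(":")
    if not sep:
        return None  # decoded, but not in user:password form
    return user, password


def find_leaked_credentials(raw_response: str) -> list[tuple[str, str, str]]:
    """Scan every response header for a decodable Basic credential."""
    found = []
    for name, value in parse_headers(raw_response):
        creds = decode_basic(value)
        if creds:
            found.append((name, creds[0], creds[1]))
    return found


if __name__ == "__main__":
    for header, user, pw in find_leaked_credentials(SAMPLE_RESPONSE):
        print(f"{header}: user={user!r} password={pw!r}")
```

Running it against the constructed response prints the decoded `admin` / `camera123` pair from the `Authorization` header. Scanning all headers rather than one named header is deliberate: a device that echoes credentials into a response can do so under any header name, and a detection rule keyed only on `Authorization` would miss it.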
*** ******'* ****** ******** ******* **** it ** **** ******** **, ****, and *** ************* *** **** ***** since ******** **, ****. *** ****** shared *** *** ** ***** *, 2023, ***** **** ******** *** ******** more **** **** ****** ***** ** July **, ****.
******** *** **** ******** **** ******** one ******** ****** ***** *** ******** version, ** ** ****** **** ***** camera ****** *** ********** ******** ********, not **** **** ********* ***** *******, may ** ******** ** *** **** vulnerability.
Geovision *********** ***********
** *** **** ********, ******* ** offering ********* ********, ********* ********** ********* the ******** ******* **** ***** ****** or ********* ****.
********* ********** **** ***** ** ***** devices ******* ** ***** ****** **** the ****** ******** ****** ***** **** have ******** *** *** ********** ** this ***** **** ** *******, *******, or *******. *************, ***** ***** ******** connection ** ***** ******* ** ****** local **** ******** ******** **** ******** connection.
** ********, **** ***** ************* *** *** ********* *** *** security ********** **** ******** *************.
**** ******* *** ** ********* *** asked *** *** ******* ******** ******* and ********* ******** ********** *** *** own ********, ********* *********:
********* *** ******** ************* ******** ** ADR2701, ****** **** *** ****** ***** has **** ************ *** **** **** years. *********, ** *** ** ****** providing ******** ****** ** ***** *******.
**** ** ******* ******* ** *** risky *** ********** *** ******* **** other ************* ***, ***** ** *** not ** ******** *** ********* ** offer ******* ********, **** ** **** wanted **. ******, ********* *** *** have ******* **** *** ********, *** Uniview, *** **** ******, **** *** provide ********* **** ******* ********.
Not ******* ********
**** **** *** ******* ******* ********* or ******* / *** ******** **** this *************.
********** *** ****** ** ***** *, 2023*** *** ****** ***** * **** of ******** **, ****:
****, *** ******** ******/********* ** **** from ******** **, ****.
**** ****** ******* ******* **** ***** firmware ***** ****** ************* *** *** Basic. *** ********/********************** *** ** **** ** *** in.
***-****-****
******** ******* (** ***** ********):
- **-*******
- ******* **.*************
****
********* ************* ******* ****** (****)******** * ***** ** ****** *** quantify *** ******** ** ******** ***************. The **** ***** ******** ** ***** components: ****, ********, *** *************.
**** *** ******** ********* ******** ****** ** *.* ** the ***-****-***************** ********* ** *** **** *******.
- Attack ******
- *******, *** ****** ** ******** *********** via *** ** *******
- Attack **********
- ***, *** ******** *** ********** ****** success
- Privileges ********
- ****, *** ******** ** ************ ***** to *** ******
- User ***********
- ****, **** *********** ** *** ******** for **********
- *****
- *********, ****** **** ********* ****** *** impacted ******
- **************
- ****, *** ******** ** **** ** access ******* ******** *** *****
- *********
- ****, *** ******** ** **** ** modify ******* ********
- ************
- ****, *** ******** ** **** ** fully **** ****** ** *** ******'* resources