Hanwha's Direct-To-Cloud SolidEDGE Camera Cybersecurity Tested
Hanwha released its first direct-to-cloud camera, SolidEDGE, which includes a built-in Hanwha Wave VMS (relabelled NxWitness), but how strong is its cybersecurity?
We tested the SolidEDGE, and in this report, we examine and explain its cybersecurity features, including:
- What ports and services are available for connection?
- How do video and command packets flow between the camera and the cloud?
- How does the cloud relay communication work?
- What discovery protocols are used?
- What is the recommendation for RTSP encryption?
- Where is two-factor authentication (2FA) used?
- How do the clients and Wave communicate?
Also, see our other related reports:
- IP Camera Cybersecurity Rankings - Avigilon, Axis, Bosch, Dahua, Hanwha, Hikvision, i-PRO, Uniview, Vivotek
- Hanwha Cybersecurity Risks Tested
- Hanwha 1 High and 2 Medium Security Vulnerabilities 2023
Note: A companion report testing the SolidEDGE camera / VMS performance will be released in the coming weeks.
Executive *******
*** ******* ***** **** *** ****** SolidEDGE (***-******-*) ** ****** ****** ****** cybersecurity ********. **** ******** ***, ****** boot, ****** ********, ***** ******* ** default, *** ************* ********** ** ******* 7.
*** ******** **** ****** ** *** from ******* *****, ***** ************ **** the ***** ********* ***** *** **.*, with ****** ***** ******* *** ****** and *** ******** **** ******, *** offers **** ********** *** *******. *** cloud ************* *** ***** ** *** AWS,*****, *************.
******** ***-****** ************** *** ** *** Wave **** ***** ** * ****** process. *******, ** ** **** **** for ************** **** *** ***** *** not ***** ****** ********** **** **** Server.
*** ******** **** ****** ******* ** discovery ********* ** ******* *** ****** deprecated *** **.*, ********* ******** ******* on * ***** ****** **********.
Hanwha ********* **. ******* * ** ****
***** *** **** ***** *** ** the **** *** ****** *** *** communications, ** ********* ******** ************* ***** on *** ********* ****** (***-******-***) ** camera, ***** *** *** **** ******* as ********* ******* * (*** ****).
*** **** ********** ******* ********* *** Wisenet * ** **** ********* *** a *****-** **** *** ****** **** direct ***** ************* ** ******* **** Sync ***** *** ****** ****** *** is ******* **** *** ** *** SSD *******.
Post-Authentication ************* *****
****** *** *******, ** ***** * post-authentication ******** ************* **** **** ******** to ****** *-**** *** ********* * responsible ********** *********. ** ******* *** vulnerability **** ******* ********* *** **** update **** ****** **** **** *********** as ** ******* *********.
*** ********** ************* ******** ** ************* login ** *** ** ******'* ***** direct *** *********, ******** *** ******* risk ** ************. **** ********* *** CVSS ***** ** * ******, *** it ******* ** ** **** **** the ****** ******** **** ***** **.
SolidEDGE **** ******
****** *******, ** ***** **** **** the **** ****** ******, ** ********* several ***** *********** ** ***, *****.***, and **********.***. ** **** ****** ********* on *** **** ***** *****: ***/**** for ***** ****** ***** ************* **** the **** ******, *** * ******** assigned *** **** *** ************* **** the ***** ********.
*** ********** ******* ***** ** ***** on * ***-**-***-****** (****) ******* ******* analysis, **** *** **** ******** ***** the **** *** ****** ********** ***** cleartext **** ** **** ***/**.
******** ** *** ********* ******* ** port ***/** ***** ****-***** *******, *** when *** ****** ****** ******, * tunnel **** ** ****** *** ******* to ******** * *** **.* ********** to *** **** ****** *** ***** relay.
******* *****
****** *******, ** ********* **** *** Wave ****** ** *** **** ******* Optix, ** ********* ** *** ****** header ** *** ********.
** ********, *** **** ****** *** GUI **** ******* ************ **** *** Cloud ********** ************* **** *********** ***** ** ******* *.* ******:
********** *** **.* *******
***** **********.** ****, ** ***** **** *** **** server ******** ********** *** **.* *** offers ********** ******* *** ******** *** v1.3.
********* ********
*** **** ****** ******* ******* ********* protocols ** *******, **** ** ***** could ** ********** ***** *********.
** ***** ****** *** ***** **** so **** ******* ********* ********* *** who *** *** ********.
******:****** *********,
** **** ** ** **** ******** VMS, ** ******** * **** ******* of ******* *** *******. **** ******** almost *,*** ********* ************* *** **** of ********* ** ********* *******
**** **********
******* *** *** *** ********** ***** traffic ****** *** ******* *******:********** ***** ******* **** ************* ******** CPU *****.
** ***** ****** ** *** **** problem ******** **** ********** ***** *****.
****** *******:
********* *** ********* **************, **** **** encrypt *** ***** ***** ******** **** cpu ** ******, **** **** *** other ***. **** *** ** *** encrypt *** ****** ***** *******, ****** genetec **** ***** **** ** *****.
****** **** ******* *** **** *** usage ** **** ********** ******* ** stream *****, **********/***** ****, *** ****** of ********* ******* *** ** *******.
****** **** ********** ***** ** **********, especially ** *** ****** ** ******* loaded.
*** *** ***** ***** ** *** server *** ****** ******* *** *** the *** *****. *** *** *** measurements ****** *** ***** ********/********* *** feature. **** ********* ***'* *** **** feature. * ***** ******* ***** ** on ***** **** ** *** ****** is ******* ****** ****. *** ****** camera ************ ** *******'* ** ** issue.
Wave **** - ***** ***** **********
** ****** **** ******, ******* **** Client, *** **** **** *** **, both **** *** ******* ***-**-***-****** (****), where ** ***** **** *** * client ******** *** ***** *** ***** communication *** ***** *** ** *********** by ** ******* ****-********. ** *** not ** * ******** ** *** software ** ** ** ****** *** scope ** **** *******.
** **** **** ** ******* **** tunnel ******* ******* *** ****** *** the ********* **** ****** ** ********* directly ** ***** *** ******** ***-**-***-****** (MiTM) *********, *** *** ********* *** one *** *** ****** ***** **** an ******** ******* **** ******* ********** of *** ***** *******.
** ********* ** *** ******** ******* from *** ****** ** *** ***** relay ****** *** ******** ******* **** the ***** ***** **** *********, ** found ***** ******* ****** *** ***** of *** *** **.* ********* ******.
***-****** ************** (***)
**** **** ******** ******** ***, ***** is * *************** ******* ** ***** enabling *** ****** *** **** **** account ********.
****, ****** ********* *** *** *** system.
*******, *** *** ** **** **** when ******* **** **** **** *** not *** ******* ** ** *** SolidEDGE **** * ****** ***** **********.
*** ** *** **** *** ***** direct *****
Hardware / ******** ******
- ***-******-***
- *******: *.**.**
- ********* **** ******
- *******: *.*.*.*****
- ******* **** ******
- *******: *.*.*.*****
- **** ****** (*******)
- *******: **.*.*****
*** ****** ** ******* **** ******'* response, ***** **** ** ******* ***** showing *** ***** ** ********** ******* discovery *********.