Mobotix First CNPP CCTV Cybersecurity Certification Examined

By Charles Rollet, Published Sep 05, 2019, 09:37am EDT (Info+)

Mobotix recently became the first video surveillance manufacturer to receive the CNPP cybsersecurity certification for its cameras, in which they originally declared a "guarantee of IT and electronic resistance to cyber-attacks."

IPVM Image

*** *** ** **** *** *** is ***** ************* ********? **** **** it ******* **? *** ****, ** anything, **** **** *********? **** ***** with ******* *** ******** ******* ******, including:

  • *********** ********
  • *******'* ***** ** "********** ** ******* Attacks"
  • **** **********: ******* ****** *********
  • *** "*********" *** **********
  • ********* ** **** ******
  • ********** ** **
  • **********: ******* ****** ** **************

Certificate ********

******* ******** ***** "********* ****" ************ encompassing *** ********* ****** ******, ** shown** *** **** *******:

IPVM Image

***** *** *** *** *******' **** sheets:

***** *** *** ***** ************:

******* **** **** *********** ******* ** all ******* ******* ****** *** ******** **** ****, ***** ** ******* **** *****.

************

**** ** ************** ************* ************ *** ************** * ********* *********** ***. **** ******** ************ *** * wide ***** ** **********:

IPVM Image

***** **** ** *******, ** *** worked **** *** ****** ********** ******, for ******* ****-**************** ** ****** ****************, ******'* ******** ************** ******. *** Mobotix **** ********* ************ **** *** first-ever *** ***** ************ *******,** *********:

IPVM Image

How *** ************* *** ********

*** ******* *******' "********** ** ******* attacks" *** ***** * "***** *" score, ***** ** ****'* '** *****–*** **-**' ******* ********:

IPVM Image

***** *** * ***** ** * levels, **** * ***** *** ***** and * *** ****. ***** * is *** ******* ** ****. ***** 2 ***** ** ***** *** "*** severity" ************* *** **********:

IPVM Image

******* ********* *** *************** ********* ** IPVM:

  • Camera *** *********: no 2-factor authentication; another level of complexity required for the password; users not informed of firmware updates.
  • MxManagement ******: "limit connection trials to 20 attempts max per hour"
  • MxManagement ****** *** *** *********: "currently, along with the software updates we provide 128 bits MD5 checksums. This is not following the ANSSI recommendations asking for at least 200 bits. SHA-256 or 512 should be used."

******* **** **** **** ******* ** fixing *****:

** *** ********* ******* ** ***** changes. **** *** ******* **** **** completed, ** **** ** **-******* ** an ****** ** ******* ***** * status.

*** ****** ******* ******* ************* **** ******** * *** ** cybersecurity ****** ******** *** *********** *******.

Not '*********' *** '**********'

*******, ** *** ******** ***** ******* Mobotix ******* ***** **** ************ ******* a "*********":

IPVM Image

**** ***** ******* ***** **** ***** a "*********" ** ********* ****** ****** ***** ******** **** ******* ******** it **** ***** ** ****** ** will ****** ********* ** **** * scenario.

***** ** ******* **** ***, ******* acknowledged **** "** ***'* ******** ********* there **** ** ** *********** ****" and ********* ***** ***** ** ** monetary ************ ** **** ** * hack. **** *********** *** ***** ********* "**********":

IPVM Image

MOVE ******** **** ****, ******* **** **** *** ** *** ** ****

*******'* ***** ******* **** **** ***** for *** ******* ****** "*** ** its ******* ***** ************ ****** *******" since "*** ******** * ****** ***** uses * ****** ********, ******* *** differences ** *** **** *********."

***** **** ***** *****,*******'* **** ****** ***'* **** ********* *** **** Dynacolor ******** ** ** *** ******* by *** **** *************. *******, **** was *** ********* ** *******'* ***** release. ** ********, ******* ****:

** ******* ** *********** ** *** IoT **** ** ******* ********* ** they ********* *** **** *** ** MOBOTIX.By *** *** ** ** [******** year] **** ** *** ******** ** put *** **** ****** ******* *** same **** ************* *******.

Compared ** **

** ******** ************* ************* *** **-********* products ** **** ******* ***** **** ******. ** **********,****** ********* **** ******** **** ****, Genetec *** *********** ****** ******** ***, *** *** ************ ***, ************ *** ***** ***** ***** ***** series.

** ******** ** *******, ***** ********* did *** ***** *** **** ** "guarantee" ** ***** *******. ************, *** scope *** ******* *** *** *** clearly ****** **** *** *********, ** contrast ** ******* ******* *** *** MOVE ****** *** *** ********** ****.

**** *************, **** *** ******* ************* of **** *** **'* ********, **** seem ******* ** **** ***** ** a *** ** ******* ******** *** penetration *******.

*******, ** ***** ** ***** *******, the ** ***** ** **** ****** known ***** **** ** ***.

**********

******* ***** ************* ********* ** ** an *****. ********* *** *** ***** eager ** **** ********** ******, ********* we've ******** ******** **** **** (************ ****-***** ***** ***************** ******** *** *** **** *********, No ******** *** **).

******* *************, ** ***** **** ** includes **** ******** ******* **********, *** be **********. ****** *** **** ** original ******* ** **** ******, ** in *******'* ****, ** * *******.

**** *******, ******* *** ****** ********** than *************, ** *** ******* ********* to ******* ***** *** **** ** its ******* *** **** ******** ********* needed *******. ******* **** * *** platform **** ** ******** **** *** that **** ** *** ** *** what ****** ******* *** ** *** next ******.

Comments (2)

"Mobotix says a new platform will be released soon and that will be key to see what future Mobotix has in the next decade."

I doubt it - they have a crappy support system in the US. The support engineers gloss over ticket details and aren't technical enough sometimes to understand the case notes from the user. It feels that they're always in a rush to close a ticket..

Personally I feel that even if they revamp the platform (MX7?) it'll do them no good if they don't have a strong support team.

Agree
Disagree
Informative
Unhelpful
Funny

My distributor stepped up as Mobotix support resource.

Found interesting recent Mobotix cyber security patch firmware applied to even 10-14 year old M series cameras still in service. Hard to find a Mfg supporting legacy product. Microsoft doesn’t.

Agree: 1
Disagree
Informative: 2
Unhelpful
Funny
Login to read this IPVM report.
Why do I need to log in?
IPVM conducts reporting, tutorials and software funded by subscriber's payments enabling us to offer the most independent, accurate and in-depth information.
Loading Related Reports