Google Found Software House Vulnerability Allows Inside Attacker To Open Doors

Author: IPVM Team, Published on Sep 04, 2018

A vulnerability in Software House IP-ACM modules allows an attacker to potentially unlock doors, or perform other actions, on affected systems. Many affected systems cannot be fixed with a software patch and require hardware replacement instead.

IPVM spoke with Software House executives to get more details on this exploit. In this report we assess the risk to vulnerable systems and what Software House recommends for affected users.

[Note: this post was first published in January 2018 but was updated in September 2018 when it was disclosed that a Google employee discovered the vulnerability, making it mainstream news.]

