CVE-2020-11624

An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but there's no enforcement. An administrator can click Cancel and proceed to use the device without changing the password. Additionally, they disclose the default username within the login.js script. Since many attacks for IoT devices, including malware and exploits, are based on the usage of default credentials, it makes these cameras an easy target for malicious actors.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/	Exploit Patch Third Party Advisory
https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/	Exploit Patch Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:avertx:hd838_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:avertx:hd838:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:avertx:hd438_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:avertx:hd438:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:58

Type	Values Removed	Values Added
References	~~() https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/ - Exploit, Patch, Third Party Advisory~~	() https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/ - Exploit, Patch, Third Party Advisory

Information

Published : 2020-07-23 21:15

Updated : 2024-11-21 04:58

NVD link : CVE-2020-11624

Mitre link : CVE-2020-11624

CVE.ORG link : CVE-2020-11624

JSON object : View

Products Affected

avertx

hd438_firmware
hd838_firmware
hd438
hd838

CWE

CWE-521

Weak Password Requirements

{"id": "CVE-2020-11624", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-07-23T21:15:11.753", "references": [{"url": "https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/", "tags": ["Exploit", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-521"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but there's no enforcement. An administrator can click Cancel and proceed to use the device without changing the password. Additionally, they disclose the default username within the login.js script. Since many attacks for IoT devices, including malware and exploits, are based on the usage of default credentials, it makes these cameras an easy target for malicious actors."}, {"lang": "es", "value": "Se detect\u00f3 un problema en AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 y Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. No requieren que los usuarios cambien la contrase\u00f1a predeterminada para la cuenta de administrador. Solo muestran una ventana emergente que sugiere un cambio, pero no hay cumplimiento. Un administrador puede hacer clic en Cancelar y continuar usando el dispositivo sin cambiar la contrase\u00f1a. Adem\u00e1s, divulgan el nombre de usuario predeterminado dentro del script login.js. Dado que muchos ataques para dispositivos IoT, incluidos malware y exploits, son basadas en el uso de credenciales predeterminadas, hace que estas c\u00e1maras sean un objetivo f\u00e1cil para actores maliciosos"}], "lastModified": "2024-11-21T04:58:16.423", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:avertx:hd838_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B511526-D9AF-41D3-8C58-ED591FB6D28A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:avertx:hd838:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02958C46-401D-478F-A217-BCA0B0E4899F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:avertx:hd438_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79C42137-9911-47AC-B051-5FAC413711AD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:avertx:hd438:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FF06CB88-3801-4319-93D3-285C4CBC6F8F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}