CVE-2023-0954

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_dome_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_dome:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_ptz_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_ptz:-:*:*:*:*:*:*:*

History

22 Jun 2023, 15:11

Type Values Removed Values Added
References (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02 - (MISC) https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02 - Third Party Advisory, US Government Resource
References (MISC) https://www.johnsoncontrols.com/cyber-solutions/security-advisories - (MISC) https://www.johnsoncontrols.com/cyber-solutions/security-advisories - Broken Link
First Time Johnsoncontrols illustra Pro Gen 4 Dome
Johnsoncontrols illustra Pro Gen 4 Dome Firmware
Johnsoncontrols illustra Pro Gen 4 Ptz Firmware
Johnsoncontrols illustra Pro Gen 4 Ptz
Johnsoncontrols
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE NVD-CWE-noinfo
CPE cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_dome:-:*:*:*:*:*:*:*
cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_dome_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_ptz_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_ptz:-:*:*:*:*:*:*:*

08 Jun 2023, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-06-08 21:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-0954

Mitre link : CVE-2023-0954

CVE.ORG link : CVE-2023-0954


JSON object : View

Products Affected

johnsoncontrols

  • illustra_pro_gen_4_dome_firmware
  • illustra_pro_gen_4_ptz_firmware
  • illustra_pro_gen_4_ptz
  • illustra_pro_gen_4_dome
CWE
NVD-CWE-noinfo CWE-489

Active Debug Code