CVE-2023-0954 - OpenCVE

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Johnsoncontrols	Illustra Pro Gen 4 Dome Illustra Pro Gen 4 Dome Firmware Illustra Pro Gen 4 Ptz Illustra Pro Gen 4 Ptz Firmware

Configuration 1 [-]

AND

cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_dome_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_dome:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_ptz_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_ptz:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02
https://www.johnsoncontrols.com/cyber-solutions/security-advisories

History

No history.

MITRE

Status: PUBLISHED

Assigner: jci

Published: 2023-06-08T20:05:20.697Z

Updated: 2024-08-02T05:32:46.221Z

Reserved: 2023-02-22T14:10:57.113Z

Link: CVE-2023-0954

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-06-08T21:15:16.183

Modified: 2023-06-22T15:11:29.820

Link: CVE-2023-0954

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0954", "assignerOrgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "state": "PUBLISHED", "assignerShortName": "jci", "dateReserved": "2023-02-22T14:10:57.113Z", "datePublished": "2023-06-08T20:05:20.697Z", "dateUpdated": "2024-08-02T05:32:46.221Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Illustra Pro Gen 4 Dome", "vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "versions": [{"lessThanOrEqual": "Illustra.SS016.05.09.04.0006", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Illustra Pro Gen 4 PTZ", "vendor": "Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.", "versions": [{"lessThanOrEqual": "Illustra.SS010.05.09.04.0022", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2023-06-08T20:03:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack."}], "value": "A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack."}], "impacts": [{"capecId": "CAPEC-554", "descriptions": [{"lang": "en", "value": "CAPEC-554 Functionality Bypass"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-489", "description": "CWE-489 Active Debug Code", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7281d04a-a537-43df-bfb4-fa4110af9d01", "shortName": "jci", "dateUpdated": "2023-06-08T20:05:20.697Z"}, "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update Illustra Pro Gen 4 Dome to version 6.00.00<br>"}], "value": "Update Illustra Pro Gen 4 Dome to version 6.00.00\n"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update Illustra Pro Gen 4 PTZ to version 6.00.00<br>"}], "value": "Update Illustra Pro Gen 4 PTZ to version 6.00.00\n"}, {"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The camera can be upgraded via the web GUI using firmware provided by Illustra which can be found on <a target=\"_blank\" rel=\"nofollow\" href=\"http://www.illustracameras.com\">www.illustracameras.com</a>. The firmware can also be upgraded using the Illustra Connect tool (Windows based) or Illustra Tools (mobile app) or victor/VideoEdge, which also provides bulk firmware upgrade capability. Please refer to the respective application documents for further information.<br>"}], "value": "The camera can be upgraded via the web GUI using firmware provided by Illustra which can be found on www.illustracameras.com http://www.illustracameras.com . The firmware can also be upgraded using the Illustra Connect tool (Windows based) or Illustra Tools (mobile app) or victor/VideoEdge, which also provides bulk firmware upgrade capability. Please refer to the respective application documents for further information.\n"}], "source": {"discovery": "EXTERNAL"}, "title": "Debug feature in Sensormatic Electronics Illustra Dome and PTZ cameras", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:32:46.221Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", "tags": ["x_transferred"]}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_dome_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F009944-092A-4E17-8E1E-D4096C0DFB3B", "versionEndIncluding": "ss016.05.09.04.0006", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_dome:-:*:*:*:*:*:*:*", "matchCriteriaId": "613F554C-1702-418A-91EA-B7F4DE541E7D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:johnsoncontrols:illustra_pro_gen_4_ptz_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "28735AD3-1977-4D75-99E4-88F55465B643", "versionEndIncluding": "ss010.05.09.04.0022", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:johnsoncontrols:illustra_pro_gen_4_ptz:-:*:*:*:*:*:*:*", "matchCriteriaId": "8126D886-4123-4756-9D5D-CD030E8BA4FA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack."}], "id": "CVE-2023-0954", "lastModified": "2023-06-22T15:11:29.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "productsecurity@jci.com", "type": "Secondary"}]}, "published": "2023-06-08T21:15:16.183", "references": [{"source": "productsecurity@jci.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02"}, {"source": "productsecurity@jci.com", "tags": ["Broken Link"], "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories"}], "sourceIdentifier": "productsecurity@jci.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-489"}], "source": "productsecurity@jci.com", "type": "Secondary"}]}