CISA Warns of PTZOptics Cameras Vulnerability Exploited to Escalate Privileges
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about critical vulnerabilities identified in PTZOptics PT30X-SDI/NDI cameras.
These vulnerabilities, tracked as CVE-2024-8957 and CVE-2024-8956, could allow attackers to escalate privileges and execute commands with root access.
CVE-2024-8957: Command Injection Vulnerability
The first vulnerability, CVE-2024-8957, is an OS command injection flaw in the PTZOptics PT30X-SDI/NDI cameras.
It allows a remote, authenticated attacker to escalate privileges to root through a crafted payload using the ntp_addr parameter of the /cgi-bin/param.cgi CGI script.
This vulnerability is related to CWE-78, which deals with improper neutralization of particular elements used in an OS command.
The possibility of this vulnerability being used in ransomware campaigns remains unknown.
CISA advises users to apply mitigations as per the vendor’s instructions or to discontinue using the affected products if no mitigations are available. This vulnerability must be addressed by November 25, 2024.
CVE-2024-8956: Authentication Bypass Vulnerability
CVE-2024-8956 describes an authentication bypass vulnerability in the same PTZOptics cameras.
This flaw allows remote attackers to bypass authentication for the /cgi-bin/param.cgi CGI script through an insecure direct object reference (IDOR), linked to CWE-287.
When combined with the command injection vulnerability (CVE-2024-8957), attackers can execute code remotely with root privileges.
As with the first vulnerability, there is no confirmed evidence of this being exploited in ransomware attacks.
However, the risk remains significant, and CISA recommends similar mitigation strategies—either implementing vendor-provided fixes or ceasing theuse of the cameras if solutions are not provided.
The deadline for mitigation is also November 25, 2024.
PTZOptics users are strongly encouraged to assess their systems promptly and follow the prescribed actions to mitigate these vulnerabilities.
Failure to address these issues could result in severe security breaches, potentially compromising privacy and security in settings where these cameras are deployed.
Users should remain vigilant and apply timely updates and patches to safeguard against potential threats.
#Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
CISA Warns of PTZOptics Cameras Vulnerability Exploited to Escalate Privileges
Author: DhivyaThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about critical vulnerabilities identified in PTZOptics PT30X-SDI/NDI cameras.
These vulnerabilities, tracked as CVE-2024-8957 and CVE-2024-8956, could allow attackers to escalate privileges and execute commands with root access.
CVE-2024-8957: Command Injection Vulnerability
The first vulnerability, CVE-2024-8957, is an OS command injection flaw in the PTZOptics PT30X-SDI/NDI cameras.
It allows a remote, authenticated attacker to escalate privileges to root through a crafted payload using the ntp_addr parameter of the /cgi-bin/param.cgi CGI script.
This vulnerability is related to CWE-78, which deals with improper neutralization of particular elements used in an OS command.
The possibility of this vulnerability being used in ransomware campaigns remains unknown.
CISA advises users to apply mitigations as per the vendor’s instructions or to discontinue using the affected products if no mitigations are available. This vulnerability must be addressed by November 25, 2024.
CVE-2024-8956: Authentication Bypass Vulnerability
CVE-2024-8956 describes an authentication bypass vulnerability in the same PTZOptics cameras.
This flaw allows remote attackers to bypass authentication for the /cgi-bin/param.cgi CGI script through an insecure direct object reference (IDOR), linked to CWE-287.
When combined with the command injection vulnerability (CVE-2024-8957), attackers can execute code remotely with root privileges.
As with the first vulnerability, there is no confirmed evidence of this being exploited in ransomware attacks.
However, the risk remains significant, and CISA recommends similar mitigation strategies—either implementing vendor-provided fixes or ceasing theuse of the cameras if solutions are not provided.
The deadline for mitigation is also November 25, 2024.
PTZOptics users are strongly encouraged to assess their systems promptly and follow the prescribed actions to mitigate these vulnerabilities.
Failure to address these issues could result in severe security breaches, potentially compromising privacy and security in settings where these cameras are deployed.
Users should remain vigilant and apply timely updates and patches to safeguard against potential threats.
#Cyber_Security_News #Vulnerability #cyber_security #cyber_security_news #vulnerability
Оригинальная версия на сайте:
