
Annke network video recorder vulnerability could see attackers seize control of security cameras


Malicious hackers could access and delete footage or disable cameras

A remote code execution (RCE) vulnerability in a network video recorder (NVR) manufactured by Annke could lead to a complete compromise of the IoT device.

The critical flaw (CVE-2021-32941) was found in the playback functionality of NVR model N48PBB, which captures and records live streams from up to eight IP security cameras and provides centralized, remote management of video surveillance systems.

Security camera operators with vulnerable installations have been urged to update their firmware as soon as possible to avoid the havoc attackers could potentially wreak.


According to a blog post published yesterday (August 26) by Nozomi Networks, unauthenticated attackers could access “private information recorded on videos, obtain the position of valuable assets, or stalk people”.

Miscreants could also delete video footage, reconfigure motion detection alarms, disable specified cameras, or shut down the NVR altogether.

Annke, which is headquartered in Hong Kong, claims its security cameras, NVRs, and related accessories have been used by 5 million businesses or homeowners worldwide.

Buffer overflow

Researchers initially found a Denial of Service (DoS) flaw when fuzzing HTTP requests sent by the client to search camera footage. This finding prompted them to debug the device at the hardware level.

This ultimately gave them unrestricted SSH access and led them to a vulnerable function – ‘sscanf’ – that yielded a stack-based buffer overflow.

The output of the Unix ‘ps’ program then showed that the binary ran with root privileges, transforming the memory corruption bug into an RCE that’s CVSS-rated as 9.4.
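The class of bug described above, as an added example that is not Annke's firmware code or part of the original article: an unbounded `sscanf` conversion next to a width-bounded one that rejects over-long fields. The `start=...&end=...` body format, the 32-byte buffers and all function and struct names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define TS_LEN 32 /* field buffer size, including the terminating NUL */

/* Hypothetical parsed form of a constructed "start=...&end=..." search body. */
struct search_req {
    char start[TS_LEN];
    char end[TS_LEN];
};

/* UNSAFE, shown for comparison and never called here: "%[^&]" has no field
 * width, so sscanf keeps copying until it meets '&' or NUL and writes past
 * the 32-byte buffers when the client sends a longer field. */
int parse_search_unsafe(const char *body, struct search_req *out)
{
    return sscanf(body, "start=%[^&]&end=%[^&]", out->start, out->end) == 2 ? 0 : -1;
}

/* Hardened: each conversion is capped at TS_LEN - 1 characters, and %n is
 * used to require that the whole body was consumed, so an over-long field
 * is rejected instead of being silently truncated. Returns 0 or -1. */
int parse_search_safe(const char *body, struct search_req *out)
{
    int consumed = -1;

    memset(out, 0, sizeof *out);
    if (sscanf(body, "start=%31[^&]&end=%31[^&]%n",
               out->start, out->end, &consumed) != 2)
        return -1;              /* missing, empty or over-long 'start' */
    if (consumed < 0 || body[consumed] != '\0')
        return -1;              /* trailing data, e.g. 'end' over its cap */
    return 0;
}

int main(void)
{
    struct search_req r;
    char longbody[300];
    /* Constructed inputs: one well-formed body, one with a 293-byte field. */
    memset(longbody, 'A', sizeof longbody - 1);
    memcpy(longbody, "start=", 6);
    longbody[sizeof longbody - 1] = '\0';
    printf("valid: %d\n", parse_search_safe("start=2021-07-01T00:00:00Z&end=2021-07-02T00:00:00Z", &r));
    printf("long:  %d\n", parse_search_safe(longbody, &r));
    return 0;
}
```

The width in the format string (31) has to be kept in step with `TS_LEN - 1` by hand, which is why the length check is worth covering with a test whenever the buffer size changes.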


“Because the search functionality is accessible by all users of the device by default, the vulnerability could be exploited (on unpatched NVRs) directly by malicious operators, or users, to elevate their privileges on the system,” said Nozomi Networks.

A lack of anti-CSRF (cross-site request forgery) mitigations in the playback functionality also means “the vulnerability could be exploited indirectly by external attackers in ‘drive-by download’ attacks”.

‘Quick response time’

Nozomi Networks alerted Annke to the flaw on July 11, 2021, and the vendor released firmware addressing the vulnerability on July 22. “It is a notably quick response time, and we applaud Annke for it,” said Nozomi Networks.

The flaw affects V3.4.106 build 200422 and all earlier versions.

The US Cybersecurity and Infrastructure Agency’s own advisory on the vulnerability offers mitigations for vulnerable systems and reports no evidence, as yet, of in-the-wild exploitation.

Nozomi Networks has advised video surveillance teams to ensure they’re running an IoT and OT (operational technology) network monitoring solution and to consider “privacy laws applicable in the jurisdiction of the vendors” when purchasing security camera systems.

The disclosure follows Nozomi Networks’ discovery earlier this year of serious network camera vulnerabilities in Reolink’s peer-to-peer (P2P) feature and Throughtek’s software development kit (SDK).

“This is yet another example of how impactful a security vulnerability can be when affecting an IoT camera system,” Nozomi Networks Labs told The Daily Swig.

“Considering that many critical sectors (industry, transportation, public places and utilities, to cite a few) depend on these devices for surveillance and monitoring of sensitive areas, and the expected growth in the future, it’s more paramount than ever that asset owners are provided by vendors with full transparent solutions which don’t rely on security-through-obscurity approaches.”
