Multiple vulnerabilities in Schneider Electric Pelco VideoXpert Enterprise
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2017-9964 CVE-2017-9965 CVE-2017-9966 |
| CWE-ID | CWE-22 CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Pelco VideoXpert Enterprise Hardware solutions / Firmware |
| Vendor | Schneider Electric |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Path traversal
EUVDB-ID: #VU9697
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9964
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a directory traversal attack.
The weakness exists due to path traversal. A remote attacker can supply sniffing communications, conduct a directory traversal attack and bypass authentication or hijack an existing user's session.
MitigationUpdate to version 2.1.
Pelco VideoXpert Enterprise: All versions
External linkshttp://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=864264...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Path traversal
EUVDB-ID: #VU9698
Risk: Low
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9965
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a directory traversal attack.
The weakness exists due to path traversal. A remote attacker can supply sniffing communications, conduct a directory traversal attack and view web server files.
MitigationUpdate to version 2.1.
Pelco VideoXpert Enterprise: All versions
External linkshttp://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=864264...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Privilege escalation
EUVDB-ID: #VU9699
Risk: Medium
CVSSv3.1: 7.4 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-9966
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote authorized attacker to gain elevated privileges on the target system.
The weakness exists due to improper access control. A remote attacker can replace certain files, obtain system privileges and execute the inserted code at an elevated privilege level.
Successful exploitation of the vulnerability may result in system compromise.
MitigationUpdate to version 2.1.
Pelco VideoXpert Enterprise: All versions
External linkshttp://download.schneider-electric.com/files?p_enDocType=Technical+leaflet&p_File_Id=864264...
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
