Security Features in HD838 and HD438IR - CVE-2020-11623
Published: July 27, 2020
Vulnerability identifier: #VU31892
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-11623
CWE-ID: CWE-254
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: AvertX
Affected software:
HD838
HD438IR
HD838
HD438IR
Detailed vulnerability description
This vulnerability allows a local attacker to bypass security rescritions feature.
The vulnerability exists due to a weak security in AvertX IP cameras. An attacker with physical access to the UART interface can access additional diagnostic and configuration functionalities as well as the camera's bootloader.
How to mitigate CVE-2020-11623
Install updates from vendor's website.