7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
0.581 Medium
EPSS
Percentile
97.7%
The Samsung SRN-1670D camera contains multiple vulnerabilities.
CWE-264**: Permissions, Privileges, and Access Controls -**CVE-2015-8279
An undocumented PHP request may be used to read arbitrary files from the system.
CWE-200**: Information Exposure -**CVE-2015-8280
The interface provides too many details in errors messages, which may allow an attacker to determine user credentials.
CWE-327**: Use of a Broken or Risky Cryptographic Algorithm -**CVE-2015-8281
The firmware filesystem uses a weak custom encryption scheme based only on simple XOR operations. Vendors should not attempt to implement their own cryptographic methods.
According to the researchers, the Samsung SRN-1670D (Web Viewer Version 1,0,0,193, Date Created 2013.10.26) is affected; other Samsung SRN model cameras may be affected. This device appears to be manufactured by another company named Hanwha.
More information can be found in the researchers’ blog.
An unauthenticated remote attacker may access arbitrary files on the device, and learn user credentials.
The CERT/CC is currently unaware of a practical solution to this problem.
Hanwha has stated that this model is no longer in production and will not receive any updates.
913000
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: November 09, 2015 Updated: January 25, 2016
Statement Date: January 13, 2016
Affected
We have not received a statement from the vendor.
The model SRN-1670D
is no longer supported and therefore no firmware update will be released. However, Hanwha says the fix will be integrated into firmware for newer models.
Notified: November 09, 2015 Updated: November 09, 2015
Unknown
We have not received a statement from the vendor.
Group | Score | Vector |
---|---|---|
Base | 7.8 | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Temporal | 6.7 | E:POC/RL:U/RC:UR |
Environmental | 5.0 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
<http://blog.emaze.net/2016/01/multiple-vulnerabilities-samsung-srn.html>
Thanks to Aristide Fattori, Luca Giancane and Roberto Paleari for reporting this vulnerability.
This document was written by Garret Wassermann.
CVE IDs: | CVE-2015-8279, CVE-2015-8280, [CVE-2015-8281 ](<http://web.nvd.nist.gov/vuln/detail/CVE-2015-8281 >) |
---|---|
Date Public: | 2016-01-11 Date First Published: |
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:C/I:N/A:N
8.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
0.581 Medium
EPSS
Percentile
97.7%