nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_ILLUSTRA_CVE-2023-0954.NASL
HistoryJun 18, 2024 - 12:00 a.m.

Sensormatic Electronics Illustra Pro Gen 4 Active Debug Code (CVE-2023-0954)

2024-06-18 00:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
illustra pro cameras
gen 4
active debug code
cve-2023-0954
file data
tenable_ot_illustra_cve-2023-0954.nasl
scanner

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

# Registration phase: when 'description' is set, the script only declares its
# metadata (IDs, texts, scores, dependencies) and then exits via exit(0) at the
# end of this block. The actual check is in the statements after the block.
if (description)
{
  # Plugin identifier, revision and last-modified date.
  script_id(502273);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/19");

  script_cve_id("CVE-2023-0954");

  script_name(english:"Sensormatic Electronics Illustra Pro Gen 4 Active Debug Code (CVE-2023-0954)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  # NOTE(review): the description speaks of "a long period of sustained
  # attack", while the base vectors registered below use AC:L. The scores are
  # attributed to the CVE record (see cvss_score_source); compare with the
  # vendor advisory before using them for prioritisation.
  script_set_attribute(attribute:"description", value:
"A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and
PTZ cameras allows a user to compromise credentials after a long
period of sustained attack.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # References. The commented URL is presumably the target of the shortened
  # nessus.org link on the next line; that link is plain http://, unlike the
  # two https:// references after it.
  # https://www.johnsoncontrols.com/-/media/project/jci-global/johnson-controls/us-region/united-states-johnson-controls/cyber-solutions/security-advisories/documents/jci-psa-2023-02.pdf
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2b3657b1");
  script_set_attribute(attribute:"see_also", value:"https://www.johnsoncontrols.com/cyber-solutions/security-advisories");
  script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02");
  # Remediation text, attributed to CISA by its own first sentence.
  # NOTE(review): the text names version 6.00.00 as the fix, while the
  # comparison table later in this script uses build strings of the form
  # ss016.x / ss010.x; the mapping between the two is not shown here.
  # NOTE(review): several lines of this string begin with a zero-width space
  # (U+200B), which will be carried into report output.
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

​Sensormatic Electronics has provided the following mitigations:

- ​Update Illustra Pro Gen 4 Dome to version 6.00.00.
- ​Update Illustra Pro Gen 4 PTZ to version 6.00.00.

​The camera can be upgraded via the web GUI using firmware Illustra provides, which can be found on
www.illustracameras.com. The firmware can also be upgraded using the Illustra Connect tool (Windows based) or Illustra
Tools (mobile app) or victor/VideoEdge, which also provides bulk firmware upgrade capability. Refer to the respective
application documents for further information.

​For additional information, refer to Johnson Controls Product Security Advisory JCI-PSA-2023-02 v1.

​");
  # CVSS v2 and v3.0 base vectors: network-reachable, no authentication or
  # privileges, full C/I/A impact. The temporal vectors record an unproven
  # exploit (E:U) and an official fix (RL:OF / RL:O).
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-0954");

  # Exploit status as recorded when the plugin was written; it is static
  # metadata and is not re-evaluated at scan time.
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  # Disclosure and patch dates coincide (2023/06/08); the plugin itself was
  # published about a year later.
  script_set_attribute(attribute:"vuln_publication_date", value:"2023/06/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/06/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/18");

  # One CPE per affected firmware line (Dome and PTZ).
  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:johnsoncontrols:illustra_pro_gen_4_dome_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:johnsoncontrols:illustra_pro_gen_4_ptz_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  # Category and family under which the scanner lists this plugin.
  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # Declares tenable_ot_api_integration.nasl as a dependency and requires the
  # 'Tenable.ot/Illustra' KB key, the same key the check reads below.
  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Illustra");

  # Metadata registered; nothing else runs in description mode.
  exit(0);
}


include('tenable_ot_cve_funcs.inc');

# Check phase. Nothing in the visible script sends a request to the camera:
# the verdict comes from the asset record and the model/version table below.
# A finding therefore depends on the accuracy of that inventory data.
# Stop here unless the 'Tenable.ot/Illustra' KB key is present.
get_kb_item_or_exit('Tenable.ot/Illustra');

# Asset record for vendor 'Illustra'. The helper is not shown on this page;
# presumably it returns the model and firmware version reported by Tenable.ot.
var asset = tenable_ot::assets::get(vendor:'Illustra');

# Model identifier -> version constraint. Every Dome entry carries the bound
# ss016.05.09.04.0006 and every PTZ entry carries ss010.05.09.04.0022.
# "versionEndExcluding" presumably flags firmware strictly below the bound;
# confirm against tenable_ot_cve_funcs.inc.
# NOTE(review): only the thirteen model IDs listed here are keyed. How an
# unlisted model is treated is decided in compare_and_report (not shown), so
# the absence of a finding on another model should not be read as "not
# affected" without checking the vendor advisory.
var vuln_models = {
  # Illustra Pro Gen 4 Dome
  'IPS02D12OI04' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS02D17OI04' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS04D12OI04' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS04D14OI04' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS08D13OI04' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS08D14OI04' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS02C10OIA4' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS04C10OIA4' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  'IPS08C10OIA4' :
      {"versionEndExcluding" : "ss016.05.09.04.0006"},
  # Illustra Pro Gen 4 PTZ
  'IPS02P07RT04' :
      {"versionEndExcluding" : "ss010.05.09.04.0022"},
  'IPS08P25RT04' :
      {"versionEndExcluding" : "ss010.05.09.04.0022"},
  'IPS08P25OI04' :
      {"versionEndExcluding" : "ss010.05.09.04.0022"},
  'IPS02P24OI04' :
      {"versionEndExcluding" : "ss010.05.09.04.0022"}
};

# Hand the asset and the table to the shared comparison helper; a match is
# reported at SECURITY_HOLE severity.
tenable_ot::cve::compare_and_report(asset:asset, vuln_models:vuln_models, severity:SECURITY_HOLE);
Vendor | Product | Version | CPE
johnsoncontrols | illustra_pro_gen_4_ptz_firmware | | cpe:/o:johnsoncontrols:illustra_pro_gen_4_ptz_firmware
johnsoncontrols | illustra_pro_gen_4_dome_firmware | | cpe:/o:johnsoncontrols:illustra_pro_gen_4_dome_firmware

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.6%
