Specialists in malware reverse engineering reported the finding of three vulnerabilities in Video Surveillance 8000 Series IP cameras from tech firm Cisco. Successful exploitation of these vulnerabilities would allow threat actors to compromise a device completely.
Below are brief overviews of reported flaws, in addition to their respective tracking keys and scores according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-3506: Insufficient validation of Cisco Discovery Protocol packets would allow threat actors to send specially designed traffic to the target device in order to execute arbitrary code on the system, causing severe damage. This vulnerability received a score of 7.7/10, as mentioned by the malware reverse engineering specialists.
CVE-2020-3507: Insufficient validation of Cisco Discovery Protocol packets would allow local threat actors to send specially designed traffic to the vulnerable device, which would trigger remote code execution on the target system. The fault received a score of 7.7/10.
CVE-2020-3505: This failure exists due to a memory leak when processing Cisco Discovery Protocol packets, which would allow remote malicious hackers to pass specially designed traffic to the vulnerable device, triggering a denial of service (DoS) condition.
According to the malware reverse engineering specialists, this flaw received a score of 6.4/10.
Cisco Video Surveillance 8000 Series versions vulnerable to these attacks are: 1.0.7 and 1.0.9-1.
Not all is bad news, as Cisco has confirmed that the vulnerabilities do not affect the following IP camera families:
- Video Surveillance 3000 Series
- Video Surveillance 4000 Series High-Definition
- Video Surveillance 4300E and 4500E High-Definition
- Video Surveillance 6000 Series
- Video Surveillance 7000 Series
- Video Surveillance PTZ
Although some attacks can be deployed remotely, experts have not detected attempts at active exploitation or the existence of a malware variant related to these attacks. Security patches have already been released by Cisco, so vulnerable release managers should upgrade as soon as possible.