9.8 - VU#896979

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	IPTV encoder devices contain multiple vulnerabilities

Informations
Name	VU#896979	First vendor Publication	2020-09-15
Vendor	VU-CERT	Last vendor Modification	2020-09-28
Severity (Vendor)	N/A	Revision	M

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score	9.8
Base Score	9.8	Environmental Score	9.8
impact SubScore	5.9	Temporal Score	9.8
Exploitabality Sub Score	3.9

Attack Vector	Network	Attack Complexity	Low
Privileges Required	None	User Interaction	None
Scope	Unchanged	Confidentiality Impact	High
Integrity Impact	High	Availability Impact	High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Overview

Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote attacker to execute arbitrary code and perform other unauthorized actions on a vulnerable system.

Description

IPTV/H.264/H.265 video encoder devices provide video streaming capability over IP networks. The underlying software in these devices seem to share common components that have multiple weaknesses in their design and default configuration.

The vulnerabilities occur primarily in the network services such as web and telnet interfaces. These vulnerabilities stem from software bugs, such as insufficient validation of user input and the use of insecure credentials through hard-coded passwords. https://owasp.org/www-project-top-ten/. The vulnerable components may also be present in other Internet of Things (IoT) devices.

These devices are manufactured using components acquired from a complex supply chain and are often sold through common outlets such as retail stores and e-commerce websites. This makes it difficult to identify impacted devices and notify the appropriate stakeholders, thus illustrating the dire need for Software Bill of Materials SBOM in this growing and complex digital market.

Further details of these vulnerabilities can be found in this blog post by Alexei Kojenov.

Impact

The impact of these vulnerabilities are summarized in the following list:

Full administrative access via backdoor password (CVE-2020-24215)
Administrative root access via backdoor password (CVE-2020-24218)
Arbitrary file read via path traversal (CVE-2020-24219)
Unauthenticated file upload (CVE-2020-24217)
Arbitrary code execution by uploading malicious firmware (CVE-2020-24217)
Arbitrary code execution via command injection (CVE-2020-24217)
Denial of service via buffer overflow (CVE-2020-24214)
Unauthorized video stream access via RTSP (CVE-2020-24216)

Solution

Apply Updates

Contact your vendor. See also the Vendor Information section below.

Restrict network access

Restrict network access of these devices to a well protect local area network (LAN) or through a firewall. Allowing direct Internet access to these devices increases the risk of compromise and potential abuse from an unauthorized remote attacker.

Acknowledgements

Alexei Kojenov https://kojenov.com/ researched and reported these vulnerabilities.

This document was written by Vijay Sarvepalli.

Original Source

Url : https://kb.cert.org/vuls/id/896979

CWE : Common Weakness Enumeration

%	Id	Name
50 %	CWE-798	Use of Hard-coded Credentials (CWE/SANS Top 25)
25 %	CWE-306	Missing Authentication for Critical Function (CWE/SANS Top 25)
25 %	CWE-22	Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type	Description	Count
Os	Jtechdigital H.264 Iptv Encoder 1080P@60Hz Firmware cpe:2.3:o:jtechdigital:h.264_iptv_encoder_1080p@60hz_firmware:-:::::::*	1
Os	Provideoinstruments Vecaster-4k-Hevc Firmware cpe:2.3:o:provideoinstruments:vecaster-4k-hevc_firmware:-:::::::*	1
Os	Provideoinstruments Vecaster-Hd-H264 Firmware cpe:2.3:o:provideoinstruments:vecaster-hd-h264_firmware:-:::::::*	1
Os	Provideoinstruments Vecaster-Hd-Hevc Firmware cpe:2.3:o:provideoinstruments:vecaster-hd-hevc_firmware:-:::::::*	1
Os	Provideoinstruments Vecaster-Hd-Sdi Firmware cpe:2.3:o:provideoinstruments:vecaster-hd-sdi_firmware:-:::::::*	1
Os	Szuray Iptv/H.264 Video Encoder Firmware cpe:2.3:o:szuray:iptv/h.264_video_encoder_firmware:-:::::::*	1
Os	Szuray Iptv/H.265 Video Encoder Firmware cpe:2.3:o:szuray:iptv/h.265_video_encoder_firmware:-:::::::*	1

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-01-19 21:18:06	Multiple Updates
2020-09-28 17:17:31	Multiple Updates
2020-09-21 09:17:31	Multiple Updates
2020-09-18 05:17:33	Multiple Updates
2020-09-17 17:19:13	Multiple Updates
2020-09-15 21:17:45	First insertion

Global Informations

Type	Count
CWE ID(s)	4
CPE ID(s)	7

	Related
9.8	CVE-2020-24218
9.8	CVE-2020-24217
9.8	CVE-2020-24215
9.8	CVE-2020-24214
7.5	CVE-2020-24219
7.5	CVE-2020-24216
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 6 more Alert(s)