Security researchers disclosed seven vulnerabilities in the firmware of 390 models of Axis IP cameras that threat actors can exploit to gain full control to video streams and software, render the device useless, use as an entry point for network infiltration, or use for other attacks such as distributed denial of service (DDoS). The manufacturer released solutions for these flaws after being notified, and users of the identified models should update their firmware as soon as possible.
Researchers notified Axis Communications of the vulnerabilities after examining a number of Internet of Things (IoT) flaws affecting consumer and commercial products, including zero-day vulnerabilities. Using three of the flaws in sequence allows remote access for shell commands with root privileges, as well as other controls with accompanying proofs-of-concept (POCs) for the following:
- Access to real-time video stream
- Freeze the video stream
- Control direction and activate/deactivate motion detection
- Add to a botnet
- Alter the software
- Perform lateral movement after network infiltration
- Render it useless
- Perform other malicious tasks such as cryptocurrency mining and DDOs attacks
The researchers add that none of the flaws have been exploited in the wild, but warn that the company’s customers should immediately update their firmware to protect their systems. Axis’ presence spans more than 150 countries and offers IP cameras in public and private spaces such as casinos, banks, prisons, and transportation systems.
This report adds to a growing list of IoT concerns. Here are a few ways to mitigate these risks:
- Regularly download patches and updates released by legitimate vendors and your devices’ manufacturers.
- Change default credentials set by the manufacturers, use strong passwords and frequently change them to reduce possible unauthorized access by outsiders.
- Familiarize yourself with the features of your IoT device. Choose devices with secure infrastructure reputation from trustworthy vendors.
Trend Micro™ Smart Home Network™ customers are protected from this threat with these rules:1134791 WEB Axis Cameras Authorization Bypass Vulnerability (CVE-2018-10661)
1134792 WEB Axis Cameras /bin/ssid Process Crash (CVE-2018-10659)
1134793 WEB Axis Cameras Dbus Unrestricted Access (CVE-2018-10662)
1134794 WEB Axis Cameras Shell Command Injection (CVE-2018-10660)
1134795 WEB Axis Cameras /bin/ssid Process Information Disclosure (CVE-2018-10663)
1134796 WEB Axis Cameras Dbus /bin/ssid Process Crash (CVE-2018-10658)
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale