VDB
SSA-853866
SSA-853866
PUBLISHED
CVSS 9.899999618530273 CRITICAL
Siemens has released hotfixes for Siveillance Video Open Network Bridge (ONVIF) which fix a security vulnerability related to unsecure storage of ONVIF user credentials. The vulnerability could allow an authenticated remote attacker to retrieve and decrypt all user credentials stored on the ONVIF server. Siemens recommends to apply the hotfixes at the earliest opportunity. See also the chapter Additional Information, how to apply the hotfix.
Risk Scores
CVSS 3.1
9.899999618530273
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Siveillance Video Open Network Bridge |
Exploit Intelligence
- https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf (circl)
- https://cert-portal.siemens.com/productcert/txt/ssa-853866.txt (circl)
- https://cert-portal.siemens.com/productcert/csaf/ssa-853866.json (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109791980/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109781128/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109779088/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109773456/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109769052/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109766085/ (circl)
- https://support.industry.siemens.com/cs/ww/en/view/109762643/ (circl)
…and 1 more exploits
Timeline
- CVE Published
References
- https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf advisory
- https://cert-portal.siemens.com/productcert/txt/ssa-853866.txt advisory
- https://cert-portal.siemens.com/productcert/csaf/ssa-853866.json advisory
- https://support.industry.siemens.com/cs/ww/en/view/109791980/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109781128/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109779088/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109773456/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109769052/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109766085/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109762643/ fix
- https://support.industry.siemens.com/cs/ww/en/view/109762751/ fix