Published: 22/04/2021 Updated: 25/04/2022

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance Video Open Network Bridge (2019 R2), Siveillance Video Open Network Bridge (2019 R1), Siveillance Video Open Network Bridge (2018 R3), Siveillance Video Open Network Bridge (2018 R2). Affected Open Network Bridges store user credentials for the authentication between ONVIF clients and ONVIF server using a hard-coded key. The encrypted credentials can be retrieved via the MIP SDK. This could allow an authenticated remote malicious user to retrieve and decrypt all credentials stored on the ONVIF server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens siveillance video open network bridge 2018
siemens siveillance video open network bridge 2019
siemens siveillance video open network bridge 2020

CWE-798 https://cert-portal.siemens.com/productcert/pdf/ssa-853866.pdf https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-27392

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect