Austrian cybersecurity agency SEC Consult found a sequence of vulnerabilities affecting Infiray IRAY-A8Z3 thermal cameras in February 2021.
The consulting organization disclosed the facts of the vulnerabilities in an advisory on Tuesday, indicating they had been a direct consequence of insecure coding tactics, insecure configuration and outdated software package factors within just the embedded firmware
SEC Consult also claimed it discovered many attack vectors that will consequence in distant code execution (RCE).
For context, InfiRay is a China-dependent maker of optical factors, specially infrared and thermal imaging alternatives. Its items are at this time offered in 89 countries and areas all-around the environment.
For the reason that of the wide reach of its goods, the found out flaws could most likely act as an entry issue into industrial manage programs (ICS) and supervisory regulate and information acquisition (SCADA) networks.
In conditions of critical vulnerabilities influencing the Infiray IRAY-A8Z3 cameras, SEC Consult described five. The initially refers to the hardcoded qualifications for the camera’s web application.
“As these accounts cannot be deactivated or adjust their passwords, they are regarded as to be backdoor accounts.”
Secondly, the enterprise reported the cameras’ web server interface has an endpoint that can execute arbitrary commands by manipulating the “cmd_string” URL parameter, therefore enabling person login making use of a single of the aforementioned backdoor accounts.
The 3rd issue refers to a prospective buffer overflow attack that could be executed by calling strcpy() devoid of examining the string length very first.
Fourthly, the camera reportedly features a shell by means of a telnet connection.
“The root consumer does not require a password per default. Consequently, anyone on the area network can execute arbitrary instructions as root on the digicam.”
Finally, SEC Consult stated the cameras have many out-of-date program elements that contains vulnerabilities that were being uncovered working with the IoT Inspector (OneKey) firmware assessment platform.
The security corporation contacted InfiRay many periods during its investigation, sending them a draft of the advisory in April 2021, but the seller hardly ever responded to its requests.
Due to the fact of this, SEC Consult warned it was unaware no matter if the seller experienced patched the affected units or not.
“The seller was unresponsive throughout the disclosure approach. For this reason it is unclear no matter if patches are obtainable. Prospects are urged to approach their vendor make contact with and ask for security assessments and updates.”
Some parts of this article are sourced from:
www.infosecurity-magazine.com