Anyone who uses the N48PBB video surveillance system from Annke should update the system as soon as possible. The reason for this is as “criticalThe network video recorder is used worldwide in critical infrastructures, among other things.
If attackers successfully exploit the vulnerability (CVE-2021-32941), they could access actually sealed off data or even execute malicious code. The Cybersecurity & Infrastructure Security Agency (CISA) warns of this in one post.
Root malicious code vulnerability
According to the Nozomi Networks gap discoverers The weak point is in the web application that is used to make device settings. By default, all users should be able to view saved recordings. Using prepared HTTP requests, the security researchers were able to trigger a memory error (stack-based overflow) and thus a DoS state.
This is usually the preliminary stage for executing malicious code. In this case even with root rights. This is particularly dangerous because attackers equipped with these rights could completely compromise devices.
In addition, the researchers said they were able to manipulate the firmware in order to get unrestricted SSH access to the network video recorder.
All firmware versions up to and including V3.4.106 build 200422 are affected by the vulnerability. The secured version is currently V3.4.106 build 201121 in the official download portal available.
In addition to patching, admins should ensure that the system cannot be accessed directly from the Internet. If this cannot be avoided, access should only be encrypted via VPN. Only registered users should be allowed to access them locally. It is also recommended that the system be sealed off with a firewall.