Siemens firmware emits admin login details to anyone who asks nicely
Siemens has issued a security patch for CCTV cameras that cough up their admin passwords to remote attackers.
The cameras are now sold by Vanderbilt Industries, which acquired the camera business unit from the German industrial giant in 2015.

The security bug lies in the web server in the gadgets’ firmware, and is present in 16 product ranges under the Siemens brand, including dome, box and bullet-style cameras.

If an attacker finds unpatched device on the internet and sends the right HTTP request, the camera will hand over its admin credentials. “An attacker with network access to the web server could obtain administrative credentials by sending certain requests,” reads the advisory for CVE-2016-9155.
Readers will know it doesn’t take long for hackers to scan the internet for vulnerable kit, so owners of the Siemens/Vanderbilt cams need to get busy with their patches before they are hijacked.
Cameras and digital video recorders were among the types of device exploited by the Mirai botnet in attacks against Brian Krebs’ site and the Dyn DNS service (now Oracle’s problem).
The Siemens advisory on the security cockup is here [PDF]. ®
Sponsored: Customer Identity and Access Management

Leave a Reply