The NCCIC has released an advisory predictable from observable state, hidden functionality, missing encryption of sensitive vulnerabilities in Hangzhou Xiongmai Technology Co., Ltd Xmeye P2P Cloud Server. Successful exploitation of these vulnerabilities could allow unauthorized access to video feeds with the potential to modify settings, replace firmware, and/or execute code. Hangzhou Xiongmai Technology Co., Ltd has not provided mitigations for these vulnerabilities. In the meantime, the NCCIC recommends taking immediate action to change the admin account password along with the undocumented “default” account password to minimize risk of exploit. The NCCIC also recommends verifying the source of all firmware updates and reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!