Full Report
Several camera device drivers in the Siveillance Video Device Pack store camera credentials in their log file when authentication fails. This could allow a local attacker to read camera credentials stored in the Recording Server under specific conditions. Siemens has released an update of the Device Pack and recommends applying this update to all deployments of Siveillance Video. In general, Siemens recommends installing the latest Device Pack, which contains the most up-to-date device drivers.
Analysis Summary
# Vulnerability: Information Disclosure in Siveillance Video Camera Drivers
## CVE Details
- **CVE ID:** CVE-2024-12569
- **CVSS Score:**
  - **7.8 High** (CVSS v3.1)
  - **5.2 Medium** (CVSS v4.0)
- **CWE:** CWE-532 (Insertion of Sensitive Information into Log File)
## Affected Systems
- **Products:** Siveillance Video Device Pack (used with Siveillance Video/VMS Core, Core Plus, Advanced, and Pro)
- **Versions:** All versions prior to V13.5
- **Configurations:** Systems utilizing third-party camera drivers within the Recording Server component.
## Vulnerability Description
A flaw exists in several camera device drivers included in the Siveillance Video Device Pack. When a camera authentication attempt fails, the driver inadvertently writes the camera credentials into its local log file. This allows an attacker with access to the file system to retrieve cleartext or reversible credentials used by the Recording Server to manage third-party cameras.
## Exploitation
- **Status:** Not exploited (reported via coordinated disclosure by Milestone PSIRT)
- **Complexity:** High (Requires specific conditions to trigger the failure and log generation)
- **Attack Vector:** Local (Attacker must have local access to the Recording Server's file system)
## Impact
- **Confidentiality:** High (Disclosure of camera credentials)
- **Integrity:** High (Potential for unauthorized configuration changes if credentials are reused)
- **Availability:** High (Potential for service disruption of camera feeds)
## Remediation
### Patches
- **Siveillance Video Device Pack:** Update to **V13.5** or later.
- Siemens recommends maintaining the most up-to-date Device Pack to ensure all drivers receive current security fixes.
### Workarounds
- **Access Control:** Restrict local access to the Recording Server and its log files. Ensure only trusted administrative personnel have permissions to read driver log directories.
- **Network Isolation:** Follow general security recommendations to segment the video management network from the broader corporate IT environment.
## Detection
- **Indicators of Compromise:** Unusual access patterns to the driver log directories on the Recording Server.
- **Detection Methods:** Audit file system access logs for unauthorized users reading log files associated with the Siveillance Video Recording Server service.
## References
- **Siemens Advisory:** hxxps://cert-portal.siemens[.]com/productcert/html/ssa-404759.html
- **Siemens Support Portal:** hxxps://support.industry.siemens[.]com/cs/ww/en/view/109761843/
- **Milestone Security Advisory:** hxxps://supportcommunity.milestonesys[.]com/s/article/CVE-2024-12569-sensitive-information-in-the-drivers-log-file
- **CVE Record:** hxxps://www.cve[.]org/CVERecord?id=CVE-2024-12569