Hardcoded Credentials Vulnerability in Verint Surveillance Cameras
CVE-2020-24056

7.5HIGH

Key Information:

Vendor: Verint
Status: 5620ptz Firmware
Vendor: CVE Published:; 21 August 2020

What is CVE-2020-24056?

A vulnerability exists in various Verint surveillance camera models due to hardcoded credentials, which may lead to unauthorized access and compromise the confidentiality of the devices. This poses a significant risk when using protocols such as FTP, Telnet, or SSH, making the affected systems vulnerable to exploitation by malicious actors. Users are advised to update their devices to secure their systems effectively.

References

https://ioactive.com/verint-ptz-cameras-multiple-vulnerab...

x_refsource_MISC

https://ioac.tv/2Nbc40h

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2020
Vulnerability Reserved
Aug 13, 2020

CVE-2020-24056 Data

JSON