Possible Buffer Overflow in Camera Drivers Could Lead to Recording Server Compromise
CVE-2024-3506

6.7MEDIUM

Key Information:

Vendor: Milestone Systems
Status: Xprotect Vms
Vendor: CVE Published:; 8 October 2024

🔔 Create Milestone Systems Vulnerability Alert

What is CVE-2024-3506?

A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions.

Affected Version(s)

XProtect VMS Windows 0 <= 13.1a

References

https://supportcommunity.milestonesys.com/KBRedir?art=000...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2024
Vulnerability Reserved
Apr 9, 2024

JSON