Attackers Can Access and Modify Security Cameras via Default Credentials
CVE-2024-38282

Currently unrated

Key Information:

Vendor: Motorola Solutions
Status: Vigilant Fixed Lpr Coms Box (bcav1f2-c600)
Vendor: CVE Published:; 13 June 2024

Summary

Utilizing default credentials, an attacker is able to log into the camera's operating system which could allow changes to be made to the operations or shutdown the camera requiring a physical reboot of the system.

Affected Version(s)

Vigilant Fixed LPR Coms Box (BCAV1F2-C600) 0 <= 3.1.171.9

References

https://www.cisa.gov/news-events/ics-advisories/icsa-24-1...

government-resource

Timeline

Vulnerability published
Jun 13, 2024
Vulnerability Reserved
Jun 12, 2024

Credit

The Michigan State Police Michigan Cyber Command Center (MC3)