AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
-
A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator.
There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras. Mitigations that can be deployed on Cisco devices within the network are available.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-camera.
Note: Effective October 18, 2011, Cisco moved the current list of Cisco Security Advisories and Responses published by Cisco PSIRT. The new location is https://sec.cloudapps.cisco.com/security/center/publicationListing. You can also navigate to this page from the Cisco Products and Services menu of the Cisco Security (SIO) Portal. Following this transition, new Cisco Security Advisories and Responses will be published to the new location. Although the URL has changed, the content of security documents and the vulnerability policy are not impacted. Cisco will continue to disclose security vulnerabilities in accordance with the published Security Vulnerability Policy.
-
Vulnerable Products
Cisco Video Surveillance IP Cameras 2421, 2500 series, and 2600 series are affected by this vulnerability.
For Cisco Video Surveillance 2421 and 2500 series IP Cameras, all 1.1.x software releases and releases prior 2.4.0 are affected by this vulnerability.
For Cisco Video Surveillance 2600 IP Camera, all software releases before 4.2.0-13 are affected by this vulnerability.
To check the version of system firmware that is running on the device and to determine device model, log in to the device with the web management interface, and navigate to the Status page.
Products Confirmed Not Vulnerable
The following Cisco Video Surveillance IP Cameras are confirmed not vulnerable:
- Cisco Video Surveillance 2900 Series IP Cameras
- Cisco Video Surveillance 4000 Series IP Cameras
- Cisco Video Surveillance 5000 Series HD IP Dome Cameras
No other Cisco products are currently known to be affected by this vulnerability.
-
The Cisco Video Surveillance IP Cameras are feature-rich digital cameras designed to provide superior performance in a wide variety of video surveillance applications.
Cisco Video Surveillance IP Cameras RTSP Crafted Packet Vulnerability
The Cisco Video Surveillance IP Cameras 2421, 2500 series, and 2600 series of devices are affected by a RSTP TCP crafted packets denial of service vulnerability that may allow an unauthenticated attacker to cause the device to reload by sending a series of crafted packets. This vulnerability can be exploited from both wired and wireless segments.
This vulnerability is documented in the following Cisco bug IDs:
- Cisco Video Surveillance 2421 IP Dome in Cisco bug ID: CSCtj96312 (registered customers only).
- Cisco Video Surveillance 2500 Series IP Cameras in Cisco bug ID: CSCtj39462 (registered customers only).
- Cisco Video Surveillance 2600 Series IP Cameras in Cisco bug ID: CSCtl80175 (registered customers only).
-
There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras.
Mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this advisory, which is available at the following location: https://sec.cloudapps.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20111026-camera
-
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.
Software release 2.4.0 and later for Cisco Video Surveillance 2421 and 2500 series IP Cameras contain fix for this vulnerability. The software can be downloaded from Cisco Software Center at the following location: http://www.cisco.com/cisco/software/type.html?mdfid=282052803&flowid=7144
Software release 4.2.0-13 and later for Cisco Video Surveillance 2600 series IP Cameras contain the fix for this vulnerability. The software can be downloaded from Cisco Software Center at the following location: http://www.cisco.com/cisco/pub/software/portal/select.html?mdfid=283841388&catid=280249565
-
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
This vulnerability was discovered during internal testing.
-
To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.
-
Revision 1.0 2011-October-26 Initial public release
-
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy, and may lack important information or contain factual errors. The information in this document is intended for end-users of Cisco products.