Published: 2023/06/06  Last Updated: 2023/06/06

JVNVU#90812349
Multiple vulnerabilities in KbDevice digital video recorders

Overview

Multiple digital video recorders provided by KbDevice, Inc. contain multiple vulnerabilities.

Products Affected

  • KB-AHR04D versions prior to 91110.1.101106.78
  • KB-AHR08D versions prior to 91210.1.101106.78
  • KB-AHR16D versions prior to 91310.1.101106.78
  • KB-IRIP04A versions prior to 95110.1.100290.78A
  • KB-IRIP08A versions prior to 95210.1.100290.78A
  • KB-IRIP16A versions prior to 95310.1.100290.78A


Description

Multiple digital video recorders provided by KbDevice, Inc. contain the multiple vulnerabilities listed below.

  • Improper authentication (CWE-287) - CVE-2023-30762
  • OS command injection (CWE-78) - CVE-2023-30764
  • Hidden functionality (CWE-912) - CVE-2023-30766

Impact

An arbitrary OS command may be executed on the product or the device settings may be altered.

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.

For more information, refer to the information provided by the developer.

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score: 8.8
Attack Vector (AV): Network (N)
Attack Complexity (AC): Low (L)
Privileges Required (PR): Low (L)
User Interaction (UI): None (N)
Scope (S): Unchanged (U)
Confidentiality Impact (C): High (H)
Integrity Impact (I): High (H)
Availability Impact (A): High (H)

Comment

This analysis assumes a scenario in which OS commands are executed on the device using credentials obtained via CVE-2023-30762.

Credit

Yoshiki Mori, Ushimaru Hayato, Hiromu Kubiura and Masaki Kubo of National Institute of Information and Communications Technology Cybersecurity Research Institute reported these vulnerabilities to JPCERT/CC.
JPCERT/CC coordinated with the developer.

Other Information

CVE
  • CVE-2023-30762
  • CVE-2023-30764
  • CVE-2023-30766