Schneider Electric Pelco VideoXpert Enterprise

Monitor7.1ICS-CERT ICSA-17-355-02Dec 21, 2017

Attack VectorNetwork

Auth RequiredLow

ComplexityHigh

User InteractionRequired

Summary

Pelco VideoXpert Enterprise versions prior to 2.1 contain path traversal (CWE-22) and broken access control (CWE-284) vulnerabilities. These flaws allow authenticated attackers to upload files to unauthorized directories or bypass intended security restrictions on the VideoXpert Enterprise server. The vulnerabilities affect all versions below 2.1 and are remotely exploitable with low skill level.

What this means

What could happen

An attacker with valid credentials could upload malicious files or execute arbitrary code on the VideoXpert Enterprise server, potentially compromising video surveillance infrastructure that may monitor critical energy assets or access points.

Who's at risk

Energy sector utilities deploying Pelco VideoXpert Enterprise for surveillance of substations, control centers, or critical access points. This includes monitoring systems integrated with SCADA or building management networks.

How it could be exploited

An attacker with valid engineering or administrative credentials on VideoXpert Enterprise could exploit path traversal (CWE-22) or broken access control (CWE-284) vulnerabilities to upload files outside intended directories or bypass authentication checks. This could allow execution of arbitrary commands on the surveillance server.

Prerequisites

Valid user credentials (engineering or administrative level)
Network access to VideoXpert Enterprise web interface or API
No patch available; all versions below 2.1 are affected

Remotely exploitableRequires valid credentialsHigh CVSS (7.1)No fix available for affected versionsPath traversal and access control flaws

Exploitability

Low exploit probability (EPSS 0.5%)

Affected products (1)

ProductAffected VersionsFix Status

Pelco VideoXpert Enterprise: all< 2.1No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDRestrict network access to VideoXpert Enterprise to trusted engineering and management workstations using firewall rules; do not expose to untrusted networks

HARDENINGEnforce strong passwords and disable default accounts; implement role-based access control with least-privilege principles

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Pelco VideoXpert Enterprise to version 2.1 or later if available from vendor

HARDENINGMonitor VideoXpert Enterprise server logs for unusual file upload activity or failed authentication attempts

CVEs (3)

CVE-2017-9964 CVE-2017-9965 CVE-2017-9966

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/05bdf2dd-6f5d-412e-9d72-f108caa98c5d