ICSA-18-128-03 Siemens Siveillance VMS Video Mobile App
Monitor · 4.8 · ICS-CERT ICSA-18-128-03 · May 3, 2018
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary
Siemens Siveillance VMS Video Mobile App for Android and iOS contains an improper certificate validation vulnerability (CWE-295) in versions prior to V12.1a_2018_R1. An attacker with network access could exploit this to intercept or modify communications with the VMS server.
What this means
What could happen
An attacker could intercept or modify communications between the mobile app and the video management system, potentially viewing sensitive video feeds or injecting commands into surveillance systems.
Who's at risk
Organizations operating Siemens Siveillance VMS surveillance systems should be concerned if they deploy the Android or iOS mobile app for remote monitoring on staff devices. This affects security teams, facility managers, and operations personnel who use the mobile app for camera access.
How it could be exploited
An attacker on the network path between a mobile device running the vulnerable app and the Siveillance VMS server could perform a man-in-the-middle attack by exploiting the lack of proper certificate validation. The attacker would need to be able to intercept network traffic (e.g., on the same network, at an ISP level, or via DNS/ARP spoofing).
Prerequisites
- Network access to intercept traffic between mobile app and VMS server (same network, compromised network device, or ISP-level access)
- Ability to perform man-in-the-middle attack (ARP spoofing, DNS spoofing, or network position)
- Vulnerable mobile app (Android or iOS version prior to V12.1a_2018_R1) must be in use
Tags: remotely exploitable; no authentication required; improper certificate validation enables man-in-the-middle attacks; affects video surveillance systems
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (2)
2 with fix
Product | Affected Versions | Fix Status
Siveillance VMS Video for Android | < V12.1a 2018 R1 | V12.1a (2018 R1)
Siveillance VMS Video for iOS | < V12.1a 2018 R1 | V12.1a (2018 R1)
Remediation & Mitigation
Do now
- WORKAROUND: Use VPN with TLS/certificate pinning when accessing Siveillance VMS remotely
- HARDENING: Restrict mobile app access to the VMS server to your organization's network only; do not allow public Internet access to the VMS server
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update Siveillance VMS Video app for Android to V12.1a_2018_R1 or later
- HOTFIX: Update Siveillance VMS Video app for iOS to V12.1a_2018_R1 or later
Long-term hardening
- HARDENING: Isolate the VMS system from the business network and Internet
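As an added illustration (not code from the advisory, from Siemens, or from the mobile app), the Python client below puts the CWE-295 pattern described under "How it could be exploited" beside a hardened TLS client that validates the chain, checks the hostname and pins the server certificate's SHA-256 fingerprint, which is the certificate-pinning control the "Do now" workaround refers to. The host, port and pin values are assumptions to be replaced with your own VMS server's.

```python
import hashlib
import socket
import ssl
from typing import Optional, Set


def weak_context() -> ssl.SSLContext:
    """The CWE-295 pattern: TLS is negotiated, but the server certificate is
    never validated, so an on-path attacker can present any certificate and
    the client accepts it (this is the defect to detect, not to copy)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context(ca_file: Optional[str] = None) -> ssl.SSLContext:
    """Chain validation against a trust store (system store or a private CA
    file), hostname check, and no TLS below 1.2."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_verifies(ctx: ssl.SSLContext) -> bool:
    """True only when the context both validates the chain and checks the name."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def cert_fingerprint(der: bytes) -> str:
    """SHA-256 over the DER-encoded leaf certificate, lowercase hex."""
    return hashlib.sha256(der).hexdigest()


def pin_matches(der: bytes, pins: Set[str]) -> bool:
    """Keep more than one pin so a planned certificate rotation does not lock clients out."""
    return cert_fingerprint(der) in pins


def connect_pinned(host: str, port: int, pins: Set[str],
                   ca_file: Optional[str] = None) -> str:
    """Open a verified TLS session and additionally enforce the pin.
    Returns the negotiated protocol version; raises on any mismatch."""
    ctx = hardened_context(ca_file)
    with socket.create_connection((host, port), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            leaf_der = tls.getpeercert(binary_form=True)
            if leaf_der is None or not pin_matches(leaf_der, pins):
                raise ssl.SSLError("server certificate does not match the pinned fingerprint")
            return tls.version()


if __name__ == "__main__":
    # Assumed values: replace with your VMS server and its real fingerprint.
    print(connect_pinned("vms.example.internal", 443, {"<sha256-hex-of-server-leaf-cert>"}))
```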
CVEs (1)