Geutebrück G-Cam and G-Code
Act Now7.2ICS-CERT ICSA-20-219-03Aug 6, 2020
Attack VectorNetwork
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary
A command injection vulnerability (CWE-78) in Geutebrück G-Code and G-Cam controllers allows remote code execution as root when exploited by an authenticated user with administrative privileges. Affected firmware versions are 1.12.0.25, 1.12.13.2, and 1.12.14.5 across multiple product lines: G-Code EWPC-22xx, G-Cam EEC-2xxx, G-Code EBC-21xx, G-Code ETHC-22xx, and G-Code EFD-22xx. The vulnerability exists in the device management interface and requires valid administrative credentials to exploit.
What this means
What could happen
An attacker could run arbitrary commands as root on G-Code and G-Cam controllers, potentially altering video surveillance streams, access control logic, or other security-critical functions that these devices control in a facility.
Who's at risk
Organizations using Geutebrück G-Code or G-Cam video surveillance and access control systems are affected. This includes any facility relying on these controllers for security camera management (EEC-2xxx), access control logic (EWPC-22xx, EBC-21xx, ETHC-22xx), or other facility functions (EFD-22xx). Priority for video surveillance and building security operations.
How it could be exploited
An attacker with administrative credentials could exploit a command injection vulnerability (CWE-78) to execute arbitrary system commands on the device with root privileges. The attack requires high-level privileges but no user interaction, suggesting the vulnerability exists in an authenticated administrative interface or API.
Prerequisites
- Valid administrative/high-privileged credentials for the G-Code or G-Cam device
- Network access to the device's management interface or API endpoint
- Device running affected firmware version (1.12.0.25, 1.12.13.2, or 1.12.14.5)
High EPSS score (55.2%)Remote code execution as rootNo patch available for some variantsAffects security-critical infrastructure (surveillance/access control)Requires high privileges but no active user interaction
Exploitability
High exploit probability (EPSS 55.2%)
Affected products (5)
5 with fix
ProductAffected VersionsFix Status
G-Cam EEC-2xxx: firmware≤ 1.12.0.25 | 1.12.13.2 | 1.12.14.51.12.0.27
G-Code EBC-21xx: firmware≤ 1.12.0.25 | 1.12.13.2 | 1.12.14.51.12.0.27
G-Code ETHC-22xx: firmware≤ 1.12.0.25 | 1.12.13.2 | 1.12.14.51.12.0.27
G-Code EFD-22xx: firmware≤ 1.12.0.25 | 1.12.13.2 | 1.12.14.51.12.0.27
G-Code EWPC-22xx: firmware≤ 1.12.0.25 | 1.12.13.2 | 1.12.14.51.12.0.27
Remediation & Mitigation
0/6
Do now
0/3WORKAROUNDRestrict network access to device management interfaces to authorized administrative networks only; block direct Internet access
WORKAROUNDImplement firewall rules to limit access to affected devices to specific trusted administrative workstations
HARDENINGReview and enforce strong administrative credentials; rotate credentials for all affected devices
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate to firmware version 1.12.0.27 or later for all affected G-Code and G-Cam controllers
Long-term hardening
0/2HARDENINGSegment G-Code and G-Cam devices from general corporate networks and protect with perimeter firewall
HARDENINGImplement network monitoring and logging for administrative access to these devices
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/17c52783-0664-440c-b72d-2e0e67bcce9b