OTPulse
FeedAboutContact

Exacq Technologies exacqVision Enterprise Manager

Monitor4.3ICS-CERT ICSA-21-180-02Jun 29, 2021
Attack VectorNetwork
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

exacqVision Enterprise Manager versions 20.12 and earlier contain a cross-site request forgery vulnerability that allows an authenticated attacker to send malicious requests on behalf of a victim user. The vulnerability is classified as CWE-79 and has a CVSS score of 4.3 with low attack complexity. Successful exploitation could allow unauthorized modification of surveillance configurations or actions.

What this means
What could happen
An attacker with valid credentials could send malicious requests through exacqVision Enterprise Manager on behalf of authenticated users, potentially allowing them to manipulate video surveillance configurations or access logs without proper authorization.
Who's at risk
Video surveillance and physical security system operators using exacqVision Enterprise Manager, including municipal facilities, water authorities, and electric utilities that rely on IP camera monitoring for critical infrastructure sites. Enterprise Manager instances managing video feeds across multiple sites are at highest risk.
How it could be exploited
An attacker with valid engineering or administrator credentials gains network access to exacqVision Enterprise Manager. The attacker crafts a malicious request (likely a reflected cross-site request forgery or similar attack) that the system does not properly validate, allowing the attacker to perform unauthorized actions as that authenticated user.
Prerequisites
  • Valid credentials (engineering workstation or administrator account) to access exacqVision Enterprise Manager
  • Network access to exacqVision Enterprise Manager web interface or API
  • exacqVision Enterprise Manager version 20.12 or earlier installed and running
Requires valid credentialsRequires network access to management interfaceLow exploitation complexityAffects monitoring and security systems
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
exacqVision Enterprise Manager:≤ 20.1221.03 or later
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDRestrict network access to exacqVision Enterprise Manager management interfaces to authorized engineering workstations only using firewall rules
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade exacqVision Enterprise Manager to version 21.03 or later
Long-term hardening
0/2
HARDENINGPlace exacqVision Enterprise Manager on a separate network segment isolated from the business network and the internet
HARDENINGImplement multi-factor authentication for all administrative access to exacqVision Enterprise Manager
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/2f2c8864-12c2-4315-957e-d157a0bcc025
Exacq Technologies exacqVision Enterprise Manager | CVSS 4.3 - OTPulse