Sensormatic Electronics VideoEdge
Priority: Act Now
CVSS: 6.1
Source: ICS-CERT ICSA-21-306-01
Published: Nov 2, 2021
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
VideoEdge contains a cross-site scripting vulnerability (CWE-79) in the admin graphical user interface. Successful exploitation allows execution of untrusted code when an admin user views the affected interface. This vulnerability affects all VideoEdge versions prior to 5.7.1.
What this means
What could happen
An attacker could execute malicious code on the VideoEdge admin interface when a user views it, potentially compromising the security camera system and allowing unauthorized surveillance or system manipulation.
Who's at risk
Video surveillance operators and security administrators using Sensormatic VideoEdge systems, particularly those with network-connected admin interfaces. This affects municipalities, water authorities, utilities, and facilities that rely on IP-based video surveillance for physical security monitoring.
How it could be exploited
An attacker crafts malicious code and tricks a user into viewing it through the VideoEdge admin GUI (likely via social engineering or a network-based attack). When the admin interface renders the attacker's code, it executes in the admin's browser context with their permissions, allowing the attacker to perform actions as that administrator.
Prerequisites
- Network access to the VideoEdge admin GUI
- A user with admin access must view the malicious content
- The VideoEdge system is running a version below 5.7.1
- Remotely exploitable
- No authentication required to deliver the exploit
- Low complexity attack
- Actively exploited (KEV)
- High exploit probability (36.9%)
- All versions below 5.7.1 vulnerable
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (1)
Product: VideoEdge (all)
Affected Versions: < 5.7.1
Fix Status: fixed in 5.7.1
Remediation & Mitigation
Do now
HOTFIX: Upgrade VideoEdge to version 5.7.1 or later
HARDENING: Restrict network access to the VideoEdge admin GUI to authorized personnel only, using network segmentation or firewall rules
Schedule — requires maintenance window
Patching may require a device reboot — plan for process interruption
HARDENING: Isolate the VideoEdge system and admin network from the general business network and the Internet
HARDENING: If remote admin access is required, use a VPN with current security patches
CVEs (1)
API:
/api/v1/advisories/ca39b870-1c1e-43bc-a4da-1030c87fbc2f