OTPulse
FeedAboutContact

CP Plus KVMS Pro

Monitor7.8ICS-CERT ICSA-23-082-02Mar 31, 2023
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

CP Plus KVMS Pro V2.01.0.T.190521 and prior versions contain a credential storage vulnerability. An attacker with local access to an affected workstation can retrieve plaintext or weakly encrypted credentials, potentially gaining unauthorized access to the entire CCTV system. CP Plus has not committed to a fix for this vulnerability.

What this means
What could happen
An attacker with local access to a KVMS Pro system could extract stored credentials and gain full control of the CCTV surveillance infrastructure, potentially disabling monitoring capabilities or accessing recorded footage.
Who's at risk
Organizations operating CP Plus KVMS Pro video management systems, particularly those at water utilities, power plants, and other critical infrastructure with CCTV surveillance requirements. The system is typically deployed at control center workstations and recording facilities.
How it could be exploited
An attacker with user-level access to the KVMS Pro workstation can retrieve plaintext or weakly encrypted credentials stored on the system. Once credentials are obtained, the attacker can authenticate to the CCTV system and execute commands to manipulate cameras, recorders, and monitoring functions.
Prerequisites
  • Local access to a KVMS Pro workstation
  • User-level or higher privileges on the affected system
  • Physical or remote desktop access to the machine
no patch availableaffects security system (CCTV)local access required but low complexity
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
KVMS Pro: V2.01.0.T.190521 and prior≤ 2.01.0.T.190521No fix (EOL)
Remediation & Mitigation
0/5
Do now
0/4
HARDENINGRestrict network access to KVMS Pro systems; ensure they are not accessible from the Internet or untrusted networks
HARDENINGIsolate KVMS Pro and connected CCTV infrastructure behind firewalls, separate from business networks
HARDENINGImplement strong access controls on KVMS Pro workstations; restrict local and remote access to authorized personnel only
WORKAROUNDContact CP Plus customer support to request security guidance or workarounds for credential storage
Mitigations - no patch available
0/1
KVMS Pro: V2.01.0.T.190521 and prior has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGIf remote access is required, use VPN with current security patches and strong authentication
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/397aa9e6-f890-40b7-b816-73a6f786d030
CP Plus KVMS Pro | CVSS 7.8 - OTPulse