OTPulse
FeedAboutContact

BirdDog Cameras & Encoders

Plan Patch8.4ICS-CERT ICSA-23-131-11May 10, 2023
Attack VectorLocal
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

BirdDog cameras and encoders contain two vulnerabilities: a cross-site request forgery (CSRF) flaw and hardcoded credentials. These vulnerabilities could allow an attacker with local network access to remotely execute code on the affected devices, potentially compromising video capture, recording, and streaming functions. Affected models include 4K QUAD (versions 4.5.181 and 4.5.196), MINI (2.6.2), A300 EYES (3.4), and STUDIO R3 (3.6.4). BirdDog has released firmware patches for some or all models.

What this means
What could happen
An attacker with local access to a BirdDog camera or encoder could remotely execute code, potentially taking control of video capture and streaming systems or disrupting surveillance and broadcast operations.
Who's at risk
Facilities that rely on BirdDog cameras and encoders for surveillance, broadcast, or video streaming should assess their risk. This includes broadcast stations, security control rooms, municipal traffic and public safety systems, and any facility using these devices for remote monitoring or content distribution.
How it could be exploited
An attacker with local network access to the device can exploit a cross-site request forgery (CWE-352) vulnerability or hardcoded credentials (CWE-798) to gain unauthorized access. From there, the attacker could leverage code execution to alter device settings, disable recording, or intercept video streams.
Prerequisites
  • Local network access to the BirdDog device (not externally exploitable over the internet)
  • Physical access to device or access via internal network segment where the camera/encoder is connected
Local network access required (not remotely exploitable from the internet)No authentication required for exploitationLow attack complexityHardcoded credentials in the deviceNo patch available for some models
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (4)
4 pending
ProductAffected VersionsFix Status
4K QUAD: 4K | 4.5.181 | 4.5.1964K | 4.5.181 | 4.5.196No fix yet
MINI:2.6.2No fix yet
A300 EYES:3.4No fix yet
STUDIO R3:3.6.4No fix yet
Remediation & Mitigation
0/7
Do now
0/1
WORKAROUNDIf remote access to cameras is required, use a VPN with the most current security updates
Schedule — requires maintenance window
0/4

Patching may require device reboot — plan for process interruption

HOTFIXUpdate BirdDog 4K QUAD firmware to the latest version available from BirdDog's download page
HOTFIXUpdate BirdDog MINI firmware to the latest version available from BirdDog's download page
HOTFIXUpdate BirdDog A300 EYES firmware to the latest version available from BirdDog's download page
HOTFIXUpdate BirdDog STUDIO R3 firmware to the latest version available from BirdDog's download page
Long-term hardening
0/2
HARDENINGIsolate camera and encoder devices on a separate network segment from business and internet-facing systems using a firewall
HARDENINGRestrict network access to BirdDog devices—do not expose them directly to the internet; require VPN or internal-only access for remote management
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/1dd620b8-9c3b-4983-9b40-6955a3384117
BirdDog Cameras & Encoders | CVSS 8.4 - OTPulse