Fujitsu Limited Real-time Video Transmission Gear "IP series"
Act Now5.9ICS-CERT ICSA-23-248-01Sep 5, 2023
Attack VectorNetwork
Auth RequiredNone
ComplexityHigh
User InteractionNone needed
Summary
A hardcoded credentials vulnerability (CWE-798) in Fujitsu Real-time Video Transmission Gear IP series devices allows an attacker with network access to obtain valid login credentials and authenticate to the device's web interface. Once logged in, an attacker can initialize or reboot the device, terminating video transmission and causing loss of operational visibility. The vulnerability affects multiple IP series models across firmware versions V01L001 and later (specific affected ranges vary by model). High attack complexity suggests exploitation requires specific knowledge of the credential retrieval method or network conditions.
What this means
What could happen
An attacker with valid credentials could log into the web interface and reboot the video transmission device, causing loss of video feed to monitoring systems and operational visibility.
Who's at risk
Water utilities and municipal electric companies that use Fujitsu Real-time Video Transmission Gear IP series devices for SCADA camera monitoring, perimeter surveillance, or dam/infrastructure visual monitoring. All IP series models (IP-HE950E/D, IP-HE900E/D, IP-900E/D/IID, IP-920E/D, IP-90, IP-9610) are affected across multiple firmware versions.
How it could be exploited
An attacker must first obtain valid credentials (via hardcoded credentials, CWE-798, or other means), then access the device's web interface over the network and use those credentials to authenticate. Once logged in, the attacker can issue commands to initialize or reboot the device, terminating video transmission.
Prerequisites
- Network access to the device's web interface (port 80 or 443 likely)
- Valid login credentials for the web interface
- High attack complexity suggests specific knowledge or conditions required for exploitation
No authentication required (hardcoded credentials likely)Remotely exploitable via networkNo patch available for affected versionsHigh EPSS score (53.2%)Affects operational visibility systems
Exploitability
High exploit probability (EPSS 53.2%)
Affected products (11)
11 pending
ProductAffected VersionsFix Status
Real-time Video Transmission Gear "IP series" IP-HE950E: >= V01L001 | < V01L053≥ V01L001 | < V01L053No fix yet
Real-time Video Transmission Gear "IP series" IP-HE950D: >= V01L001 | < V01L053≥ V01L001 | < V01L053No fix yet
Real-time Video Transmission Gear "IP series" IP-HE900E: >= V01L001 | < V01L010≥ V01L001 | < V01L010No fix yet
Real-time Video Transmission Gear "IP series" IP-HE900D: >= V01L001 | < V01L004≥ V01L001 | < V01L004No fix yet
Real-time Video Transmission Gear "IP series" IP-900E: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet
Real-time Video Transmission Gear "IP series" IP-920E: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet
Real-time Video Transmission Gear "IP series" IP-900D: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet
Real-time Video Transmission Gear "IP series" IP-900IID: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet
Remediation & Mitigation
0/5
Do now
0/2WORKAROUNDRestrict network access to the web interface by IP address using firewall rules; only allow access from authorized engineering and monitoring stations
WORKAROUNDDisable or restrict the web interface if not actively used for operations
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXUpdate all IP series firmware to the latest available version from Fujitsu
Long-term hardening
0/2HARDENINGPlace video transmission devices on a secure, isolated network segment separate from internet-facing systems
HARDENINGImplement a VPN for any required remote access to device management interfaces
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/98e45b8b-fe96-43e8-b345-b4bcde712a3a