Fujitsu Limited Real-time Video Transmission Gear "IP series"

Act NowCVSS 5.9ICS-CERT ICSA-23-248-01Sep 5, 2023

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityHigh

User InteractionNone needed

Summary

A hardcoded credentials vulnerability (CWE-798) in Fujitsu Real-time Video Transmission Gear IP series devices allows an attacker with network access to obtain valid login credentials and authenticate to the device's web interface. Once logged in, an attacker can initialize or reboot the device, terminating video transmission and causing loss of operational visibility. The vulnerability affects multiple IP series models across firmware versions V01L001 and later (specific affected ranges vary by model). High attack complexity suggests exploitation requires specific knowledge of the credential retrieval method or network conditions.

What this means

What could happen

An attacker with valid credentials could log into the web interface and reboot the video transmission device, causing loss of video feed to monitoring systems and operational visibility.

Who's at risk

Water utilities and municipal electric companies that use Fujitsu Real-time Video Transmission Gear IP series devices for SCADA camera monitoring, perimeter surveillance, or dam/infrastructure visual monitoring. All IP series models (IP-HE950E/D, IP-HE900E/D, IP-900E/D/IID, IP-920E/D, IP-90, IP-9610) are affected across multiple firmware versions.

How it could be exploited

An attacker must first obtain valid credentials (via hardcoded credentials, CWE-798, or other means), then access the device's web interface over the network and use those credentials to authenticate. Once logged in, the attacker can issue commands to initialize or reboot the device, terminating video transmission.

Prerequisites

Network access to the device's web interface (port 80 or 443 likely)
Valid login credentials for the web interface
High attack complexity suggests specific knowledge or conditions required for exploitation

No authentication required (hardcoded credentials likely)Remotely exploitable via networkNo patch available for affected versionsHigh EPSS score (53.2%)Affects operational visibility systems

Exploitability

Likely to be exploited — EPSS score 53.2%

Affected products (11)

11 pending

ProductAffected VersionsFix Status

Real-time Video Transmission Gear "IP series" IP-HE950E: >= V01L001 | < V01L053≥ V01L001 | < V01L053No fix yet

Real-time Video Transmission Gear "IP series" IP-HE950D: >= V01L001 | < V01L053≥ V01L001 | < V01L053No fix yet

Real-time Video Transmission Gear "IP series" IP-HE900E: >= V01L001 | < V01L010≥ V01L001 | < V01L010No fix yet

Real-time Video Transmission Gear "IP series" IP-HE900D: >= V01L001 | < V01L004≥ V01L001 | < V01L004No fix yet

Real-time Video Transmission Gear "IP series" IP-900E: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet

Real-time Video Transmission Gear "IP series" IP-920E: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet

Real-time Video Transmission Gear "IP series" IP-900D: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet

Real-time Video Transmission Gear "IP series" IP-900IID: >= V01L001 | < V02L061≥ V01L001 | < V02L061No fix yet

Remediation & Mitigation

0/5

Do now

0/2

WORKAROUNDRestrict network access to the web interface by IP address using firewall rules; only allow access from authorized engineering and monitoring stations

WORKAROUNDDisable or restrict the web interface if not actively used for operations

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate all IP series firmware to the latest available version from Fujitsu

Long-term hardening

0/2

HARDENINGPlace video transmission devices on a secure, isolated network segment separate from internet-facing systems

HARDENINGImplement a VPN for any required remote access to device management interfaces

CVEs (1)

CVE-2023-38433

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/98e45b8b-fe96-43e8-b345-b4bcde712a3a

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.