OTPulse
FeedAboutContact

Qognify NiceVision

Act Now10ICS-CERT ICSA-23-278-02Oct 5, 2023
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

NiceVision versions 3.1 and earlier contain a hardcoded credentials vulnerability (CWE-798) that allows an attacker with network access to retrieve sensitive information about cameras managed by the platform and user account details without authentication. The vulnerability affects the NiceVision camera management system used to oversee IP-based surveillance infrastructure.

What this means
What could happen
An attacker with network access to NiceVision could extract sensitive information about cameras and user credentials stored on the platform, potentially compromising surveillance infrastructure and enabling unauthorized access to video systems across your facility.
Who's at risk
Video surveillance system operators at water authorities, utilities, and other critical infrastructure relying on NiceVision for camera management. Anyone managing networked IP cameras or surveillance infrastructure should assess their use of this platform.
How it could be exploited
An attacker on the network sends a request to NiceVision exploiting hardcoded or retrievable credentials (CWE-798) to access the management interface and extract camera configuration and user account data without authentication.
Prerequisites
  • Network access to NiceVision management interface
  • NiceVision version 3.1 or earlier
  • NiceVision reachable from attacker's network location
Remotely exploitableNo authentication requiredLow complexity attackHardcoded or weak credentials (CWE-798)CVSS 10 (critical)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
NiceVision: <= 3.1≤ 3.13.2 UP2 HF2
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDRestrict network access to NiceVision management interface using firewall rules—allow only authorized engineering workstations and administrative staff
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade NiceVision to v3.2 UP2 HF2 or later
Long-term hardening
0/2
HARDENINGIsolate NiceVision on a dedicated surveillance network segment separate from business networks and the internet
HARDENINGIf remote access to NiceVision is required, deploy it through a VPN connection only, and keep VPN software updated
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/297de5b1-ab64-4001-8779-4d30b9b725e8
Qognify NiceVision | CVSS 10 - OTPulse