OTPulse

Crestron AM-300

Plan: Patch
CVSS: 8.4
ICS-CERT: ICSA-24-023-02
Date: Jan 23, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

The Crestron AM-300 media processor (firmware 1.4499.00018) contains a privilege escalation vulnerability (CWE-78) that allows an attacker with local access to escalate to root-level access. This could allow unauthorized modification of audio/visual control settings and system configurations. No public exploitation has been reported. The vulnerability requires local access and is not remotely exploitable.

What this means
What could happen
An attacker with local access to the AM-300 device could escalate privileges to root-level access and potentially manipulate audio/visual control functions or access sensitive system configurations without authorization.
Who's at risk
Organizations deploying Crestron AM-300 audio/visual control processors in conference rooms, auditoriums, or AV control rooms should care about this vulnerability. Anyone with physical or local network access to the device could gain administrative control.
How it could be exploited
An attacker must first gain local access to the AM-300 device (physical or via local network). Once local access is established, they can exploit a privilege escalation vulnerability to elevate their access to root-level, bypassing normal permission controls and gaining full system control.
Prerequisites
  • Local access to the AM-300 device or local network connectivity
  • No authentication required to exploit the privilege escalation once local access is established
  • Local exploitation only (not remotely exploitable)
  • Low complexity attack
  • No authentication required for privilege escalation
  • Affects control system device with administrative access
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
Product | Affected Versions | Fix Status
AM-300 | 1.4499.00018 | Fixed in 1.4499.00023.001
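The fix status above is a single "fixed in" build, and the hotfix below says "or higher", so an asset-inventory check has to compare dotted build numbers numerically rather than as strings (the zero-padded segments 00018 and 00023 and the extra trailing .001 would both trip a lexical compare). The following is an added example, not OTPulse's or Crestron's code: the inventory rows, host names and the "firmware"/"model" field names are constructed for illustration; the only version numbers taken from the advisory are 1.4499.00018 (affected) and 1.4499.00023.001 (fixed).

```python
"""Flag inventoried Crestron AM-300 units still below the fixed firmware build.

Added example (not OTPulse's or Crestron's code). The inventory below is
constructed; field names "host", "model" and "firmware" are assumptions.
"""
from typing import Dict, List, Tuple

AFFECTED_VERSION = "1.4499.00018"     # from the advisory
FIXED_VERSION = "1.4499.00023.001"    # from the advisory ("or higher")

# Constructed sample inventory; hostnames and firmware strings are made up.
INVENTORY: List[Dict[str, str]] = [
    {"host": "avctl-room-101", "model": "AM-300", "firmware": "1.4499.00018"},
    {"host": "avctl-room-102", "model": "AM-300", "firmware": "1.4499.00023.001"},
    {"host": "avctl-aud-01",   "model": "AM-300", "firmware": "1.4499.00030"},
    {"host": "avctl-room-103", "model": "AM-300", "firmware": "unknown"},
    {"host": "other-proc-01",  "model": "OTHER-DEVICE", "firmware": "2.0.1"},
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Split a dotted build string into integer segments.

    Integer segments make "00018" < "00023" compare by value, not by text.
    Raises ValueError for anything that is not purely dotted digits, so a
    device reporting "unknown" is surfaced instead of silently passing.
    """
    parts = v.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable firmware version: {v!r}")
    return tuple(int(p) for p in parts)


def is_fixed(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True if version >= fixed, comparing segment by segment.

    A missing trailing segment counts as 0, so 1.4499.00023 is treated as
    1.4499.00023.000 and is therefore still below the 1.4499.00023.001 fix.
    """
    a, b = parse_version(version), parse_version(fixed)
    n = max(len(a), len(b))
    a += (0,) * (n - len(a))
    b += (0,) * (n - len(b))
    return a >= b


def triage(inventory: List[Dict[str, str]]) -> List[Tuple[str, str]]:
    """Return (host, status) for every AM-300 that still needs attention.

    status is "needs-hotfix" when the build is below the fixed version and
    "unknown-version" when the reported firmware cannot be parsed.
    Devices that are not AM-300 are skipped (the advisory lists only AM-300).
    """
    findings: List[Tuple[str, str]] = []
    for dev in inventory:
        if dev.get("model") != "AM-300":
            continue
        try:
            fixed = is_fixed(dev.get("firmware", ""))
        except ValueError:
            findings.append((dev["host"], "unknown-version"))
            continue
        if not fixed:
            findings.append((dev["host"], "needs-hotfix"))
    return findings


if __name__ == "__main__":
    for host, status in triage(INVENTORY):
        print(f"{host}: {status}")
```

Units reported as "needs-hotfix" map to the HOTFIX step below; "unknown-version" units should be checked by hand before being counted as patched, since an unparseable version string is not evidence of a fix.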
Remediation & Mitigation
Do now
HARDENING: Restrict physical access to AM-300 devices to authorized personnel only
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update AM-300 firmware to version 1.4499.00023.001 or higher
Long-term hardening
HARDENING: Isolate AM-300 devices from business networks and place behind firewalls to restrict local network access
Crestron AM-300 | CVSS 8.4 - OTPulse