Johnson Controls Illustra Essentials Gen 4 (Update A)

CVSS 6.8 · ICS-CERT ICSA-24-179-05 · Jun 27, 2024
Johnson Controls
Attack path
  • Attack Vector: Network
  • Auth Required: High
  • Complexity: Low
  • User Interaction: None needed
Summary

A vulnerability in Johnson Controls Illustra Essentials Gen 4 IP cameras allows an authenticated user with administrator privileges to recover stored credentials for other Linux user accounts on the device. The vulnerability exists in firmware versions up to Illustra.Ess4.01.02.10.5982 and is addressed in firmware version Illustra.Ess4.01.02.13.6953 or later.

What this means
What could happen
An authenticated attacker with admin privileges on an Illustra Essentials Gen 4 camera could extract stored credentials for other Linux users on the device, potentially granting access to other systems or functions within the camera.
Who's at risk
Building automation operators and security staff managing Johnson Controls Illustra Essentials Gen 4 IP cameras in commercial buildings, hospitals, data centers, and industrial facilities should be aware of this issue. Affected are camera systems running firmware versions up to Illustra.Ess4.01.02.10.5982.
How it could be exploited
An attacker holding valid admin credentials for the camera management interface could query or read the device's credential storage to recover plaintext or weakly protected credentials for other Linux user accounts. This requires direct access to the management interface (web UI or API).
Prerequisites
  • Valid administrator credentials for the Illustra Essentials Gen 4 camera
  • Network access to the camera's management interface (port 80/443 or similar)
  • Knowledge of or access to the credential storage mechanism on the device
Requires valid admin credentials; low exploitation complexity once authenticated; could lead to lateral movement via credential theft.
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (1)
Product: Illustra Essentials Gen 4
Affected versions: ≤ Illustra.Ess4.01.02.10.5982
Fix status: fixed in Illustra.Ess4.01.02.13.6953
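An added example, not from the advisory or from OTPulse: a small triage helper that parses Illustra Essentials Gen 4 firmware strings and sorts a camera inventory against the affected and fixed builds quoted above. Hostnames and the extra firmware builds in the sample inventory are constructed; builds that fall between the last affected and the first fixed version are reported as unverified because the advisory does not cover them.

```python
import re
from typing import Dict, List, Optional, Tuple

# Version bounds quoted in the advisory (ICSA-24-179-05).
LAST_AFFECTED = "Illustra.Ess4.01.02.10.5982"
FIXED = "Illustra.Ess4.01.02.13.6953"

# Gen 4 firmware strings are the fixed prefix plus four numeric fields.
_VERSION_RE = re.compile(r"^Illustra\.Ess4\.(\d+)\.(\d+)\.(\d+)\.(\d+)$")


def parse_version(version: str) -> Optional[Tuple[int, ...]]:
    """Turn a Gen 4 firmware string into a comparable tuple of ints.
    Returns None for strings that are not Gen 4 firmware (other product
    lines, typos in the inventory) so callers flag them rather than guess."""
    m = _VERSION_RE.match(version.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def firmware_status(version: str) -> str:
    """Classify one firmware string against the advisory's bounds."""
    parsed = parse_version(version)
    if parsed is None:
        return "unknown"
    if parsed <= parse_version(LAST_AFFECTED):
        return "affected"
    if parsed >= parse_version(FIXED):
        return "fixed"
    return "unverified"  # between the bounds; not covered by the advisory


def triage(inventory: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Bucket (hostname, firmware) pairs for a patch plan."""
    buckets: Dict[str, List[str]] = {
        "affected": [], "fixed": [], "unverified": [], "unknown": []}
    for host, version in inventory:
        buckets[firmware_status(version)].append(host)
    return buckets


# Constructed sample inventory; hostnames and non-advisory builds are made up.
SAMPLE_INVENTORY = [
    ("cam-lobby-01", "Illustra.Ess4.01.02.10.5982"),  # last affected build
    ("cam-dc-03", "Illustra.Ess4.01.02.13.6953"),     # first fixed build
    ("cam-ward-07", "Illustra.Ess4.01.02.09.5100"),   # older, still affected
    ("cam-gate-02", "Illustra.Pro4.02.01.00.0001"),   # different product line
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {hosts}")
```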
Remediation & Mitigation
Do now
WORKAROUND: Restrict admin access to camera management interfaces using network firewall rules; limit it to authorized engineering workstations or management VLANs only.
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade Illustra Essentials Gen 4 cameras to firmware version Illustra.Ess4.01.02.13.6953 or later.
HARDENING: Review and rotate all admin credentials used across camera systems.
Long-term hardening
HARDENING: Implement network segmentation to isolate camera management traffic from the general building automation network.
