OTPulse
FeedAboutContact

Johnson Controls Illustra Essentials Gen 4 (Update A)

Monitor6.8ICS-CERT ICSA-24-179-06Jun 27, 2024
Attack VectorNetwork
Auth RequiredHigh
ComplexityLow
User InteractionNone needed
Summary

Johnson Controls Illustra Essentials Gen 4 cameras contain a credentials storage vulnerability (CWE-532) that may allow an attacker with high-level administrative access to extract Linux user credentials from the device. Affected versions are Illustra.Ess4.01.02.10.5982 and earlier. The vendor has released firmware version Illustra.Ess4.01.02.13.6953 to remediate the issue.

What this means
What could happen
An attacker with high-level access to the camera could extract Linux user credentials stored on the device, potentially leading to unauthorized access to connected systems or network-wide compromise if credentials are reused.
Who's at risk
Building security teams and facilities managers operating Johnson Controls Illustra Essentials Gen 4 IP cameras should be concerned. These cameras are typically deployed in access control, surveillance, and building automation systems across commercial facilities, hospitals, universities, and municipal infrastructure. Any system where the cameras share network infrastructure with operational technology or where admin credentials are reused across systems is at heightened risk.
How it could be exploited
An attacker must first gain high-privilege access to the Illustra Essentials Gen 4 camera (e.g., through compromised administrative credentials or lateral movement from another compromised device). Once authenticated at the admin level, the attacker can read credential files from the Linux filesystem that stores user account information, allowing them to harvest plaintext or weakly encrypted passwords.
Prerequisites
  • Administrative/high-privilege credentials to access the camera management interface
  • Network connectivity to the camera's management port (typically HTTP/HTTPS)
remotely exploitablehigh-privilege access requiredcredential disclosure (plaintext or weakly protected)affects building automation and physical security systemsno patch available for older firmware versions
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
Illustra Essential Gen 4: <=Illustra.Ess4.01.02.10.5982≤ Illustra.Ess4.01.02.10.5982No fix yet
Remediation & Mitigation
0/4
Do now
0/1
HARDENINGRestrict network access to camera management interfaces using firewall rules; ensure cameras are not directly reachable from the internet or untrusted networks
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade Illustra Essentials Gen 4 cameras to firmware version Illustra.Ess4.01.02.13.6953 or later
HARDENINGIf remote access to cameras is required, enforce access through a VPN with multi-factor authentication
Long-term hardening
0/1
HARDENINGIsolate building automation system networks (including IP cameras) from corporate business networks using network segmentation or air-gapping
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e97a9a67-7096-48c3-84a4-3422a8f83e50
Johnson Controls Illustra Essentials Gen 4 (Update A) | CVSS 6.8 - OTPulse