Johnson Controls Illustra Pro Gen 4

MonitorCVSS 6.9ICS-CERT ICSA-24-191-03Jul 9, 2024

Johnson Controls

Attack path

Attack VectorNetwork

Auth RequiredNone

ComplexityHigh

User InteractionRequired

Summary

Johnson Controls Illustra Pro Gen 4 cameras contain a vulnerability that allows an attacker with network access to compromise the confidentiality and integrity of the device. The vulnerability requires user interaction (clicking a malicious link or opening an attachment) and has high attack complexity, making it difficult but not impossible to exploit. Affected devices run firmware version SS016.05.03.01.0010 and earlier. Johnson Controls has released firmware version SS016.24.03.00.0007 to address this issue.

What this means

What could happen

An attacker who exploits this vulnerability could gain unauthorized access to video streams and configuration data from the Illustra Pro Gen 4 camera, potentially allowing them to modify camera settings or disable surveillance coverage in critical areas of your facility.

Who's at risk

Organizations operating Johnson Controls Illustra Pro Gen 4 IP cameras in building security, facility monitoring, and surveillance roles should assess their use. This includes water utilities, power generation facilities, and municipal operations centers that use these cameras for physical security monitoring or critical infrastructure asset protection.

How it could be exploited

An attacker with network access to the camera would need to trick a user into clicking a malicious link or opening a crafted attachment that interacts with the camera's authentication mechanism. Due to high attack complexity, this is not a trivial exploit to execute.

Prerequisites

Network access to the Illustra Pro Gen 4 camera
User interaction required (clicking a link or opening an attachment)
Camera running firmware version SS016.05.03.01.0010 or earlier

remotely exploitableuser interaction requiredhigh attack complexityimpacts camera availability and surveillance integrity

Exploitability

Unlikely to be exploited — EPSS score 0.7%

Affected products (1)

ProductAffected VersionsFix Status

Illustra Pro Gen 4 Camera: <=SS016.05.03.01.0010≤ SS016.05.03.01.0010SS016.24.03.00.0007

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDRestrict network access to Illustra Pro Gen 4 cameras using firewall rules; allow only authorized management stations and recording systems to communicate with the camera

Schedule — requires maintenance window

0/2

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Illustra Pro Gen 4 camera firmware to version SS016.24.03.00.0007 or later

HARDENINGDisable or restrict unnecessary features and protocols on the camera if they are not required for your surveillance operations

Long-term hardening

0/1

HARDENINGSegment camera systems onto a separate VLAN from general corporate network traffic and operational technology networks

CVEs (1)

CVE-2024-32753

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/374d98b4-7f23-4882-aa33-4f6a66f8cad3

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.