OTPulse

Johnson Controls Illustra Pro Gen 4

Monitor · CVSS 6.9 · ICS-CERT ICSA-24-191-03 · Jul 9, 2024
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: Required
Summary

Johnson Controls Illustra Pro Gen 4 cameras contain a vulnerability that allows an attacker with network access to compromise the confidentiality and integrity of the device. The vulnerability requires user interaction (clicking a malicious link or opening an attachment) and has high attack complexity, making it difficult but not impossible to exploit. Affected devices run firmware version SS016.05.03.01.0010 and earlier. Johnson Controls has released firmware version SS016.24.03.00.0007 to address this issue.

What this means
What could happen
An attacker who exploits this vulnerability could gain unauthorized access to video streams and configuration data from the Illustra Pro Gen 4 camera, potentially allowing them to modify camera settings or disable surveillance coverage in critical areas of your facility.
Who's at risk
Organizations operating Johnson Controls Illustra Pro Gen 4 IP cameras in building security, facility monitoring, and surveillance roles should assess their use. This includes water utilities, power generation facilities, and municipal operations centers that use these cameras for physical security monitoring or critical infrastructure asset protection.
How it could be exploited
An attacker with network access to the camera would need to trick a user into clicking a malicious link or opening a crafted attachment that interacts with the camera's authentication mechanism. Due to high attack complexity, this is not a trivial exploit to execute.
Prerequisites
  • Network access to the Illustra Pro Gen 4 camera
  • User interaction required (clicking a link or opening an attachment)
  • Camera running firmware version SS016.05.03.01.0010 or earlier
remotely exploitable · user interaction required · high attack complexity · impacts camera availability and surveillance integrity
Exploitability
Low exploit probability (EPSS 0.7%)
Affected products (1)
Product | Affected Versions | Fix Status
Illustra Pro Gen 4 Camera | ≤ SS016.05.03.01.0010 | SS016.24.03.00.0007
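A firmware inventory triage against the two versions named above, as an added example that is not part of the advisory or of Johnson Controls material. It assumes the dotted fields compare numerically left to right; the hostnames and inventory are constructed sample data, and versions between the last affected and the fixed release are flagged for review because the advisory does not classify them.

```python
import re

# Version strings taken from the advisory text.
LAST_AFFECTED = "SS016.05.03.01.0010"
FIRST_FIXED = "SS016.24.03.00.0007"
_VERSION_RE = re.compile(r"^(SS\d+)\.(\d+)\.(\d+)\.(\d+)\.(\d+)$")

def parse_version(text):
    """Split 'SS016.05.03.01.0010' into ('SS016', (5, 3, 1, 10)).

    Assumption: the fields after the prefix compare numerically, left to
    right. The advisory does not document the version scheme.
    """
    match = _VERSION_RE.match(text.strip().upper())
    if match is None:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return match.group(1), tuple(int(part) for part in match.groups()[1:])

def triage(version):
    """Return 'affected', 'fixed' or 'review' for one reported version."""
    try:
        prefix, fields = parse_version(version)
    except ValueError:
        return "review"  # unparseable string: check the device by hand
    known_prefix, last_affected = parse_version(LAST_AFFECTED)
    _, first_fixed = parse_version(FIRST_FIXED)
    if prefix != known_prefix:
        return "review"  # prefix differs from the advisory's versions
    if fields <= last_affected:
        return "affected"
    if fields >= first_fixed:
        return "fixed"
    return "review"  # between the two releases the advisory names

def triage_inventory(inventory):
    """Map each host to its triage status."""
    return {host: triage(version) for host, version in inventory.items()}

# Constructed sample inventory (hypothetical hostnames and readings).
INVENTORY = {
    "cam-lobby": "SS016.05.03.01.0010",
    "cam-dock": "SS016.24.03.00.0007",
    "cam-roof": "SS016.10.00.00.0002",
    "cam-gate": "unknown",
}

if __name__ == "__main__":
    for host, status in triage_inventory(INVENTORY).items():
        print(f"{host:10} {status}")
```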
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to Illustra Pro Gen 4 cameras using firewall rules; allow only authorized management stations and recording systems to communicate with the camera
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Illustra Pro Gen 4 camera firmware to version SS016.24.03.00.0007 or later
HARDENING: Disable or restrict unnecessary features and protocols on the camera if they are not required for your surveillance operations
Long-term hardening
HARDENING: Segment camera systems onto a separate VLAN from general corporate network traffic and operational technology networks
Johnson Controls Illustra Pro Gen 4 | CVSS 6.9 - OTPulse