OTPulse
FeedAboutContact

Siemens Siveillance Video Camera

Monitor6.7ICS-CERT ICSA-24-289-01Oct 10, 2024
Attack VectorAdjacent
Auth RequiredNone
ComplexityHigh
User InteractionRequired
Summary

Several camera device drivers in Siemens Siveillance Video Device Pack versions prior to 13.2 contain a buffer overflow vulnerability in CWE-120. Exploitation requires strict conditions including adjacent network access, high attack complexity, and user interaction. Successful exploitation could allow an attacker to execute code with the permissions of the Recording Server user.

What this means
What could happen
An attacker with adjacent network access could execute commands on the Siveillance Video Recording Server, potentially compromising video recording integrity, camera control, or video storage. This is unlikely to directly disrupt physical operations but could impact security monitoring and forensic capabilities.
Who's at risk
Siemens Siveillance Video systems deployed with Device Pack versions before 13.2. This affects organizations using Siveillance for video surveillance and recording in critical infrastructure environments, water utilities, and electric facilities where video monitoring supports physical security and incident response.
How it could be exploited
An attacker must be on the same network segment as the Siveillance Video Device Pack. They would trigger a buffer overflow in a camera device driver by sending a specially crafted input that requires user interaction to activate. If successful, the attacker gains code execution with Recording Server privileges.
Prerequisites
  • Adjacent network access (same network segment)
  • High attack complexity—requires specific conditions or unusual user interaction
  • No credentials needed
buffer overflow vulnerabilitylocal/adjacent network attack only—not remotely exploitablehigh attack complexitylow EPSS score (0.1%)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
Siveillance Video Device Pack<V13.213.2
Remediation & Mitigation
0/3
Do now
0/1
HARDENINGRestrict network access to Siveillance Video devices and Recording Server using firewalls; ensure the system is not accessible from untrusted networks or the internet
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate Siveillance Video Device Pack to version 13.2 or later
Long-term hardening
0/1
HARDENINGIsolate Siveillance Video infrastructure on a dedicated network segment separate from business networks and operational technology networks
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/e6f9ab76-578f-419b-a394-5cce9f80ba13
Siemens Siveillance Video Camera | CVSS 6.7 - OTPulse