Siemens Siveillance Video

MonitorCVSS 5.5ICS-CERT ICSA-25-140-05May 14, 2025

Siemens

Attack path

Attack VectorNetwork

Auth RequiredHigh

ComplexityHigh

User InteractionNone needed

Summary

Siveillance Video V2024 R1 installer resets the system configuration password when updating from older versions. This removes password protection from system configuration files and affects backup data sets created after the update. The vulnerability allows unauthorized access to sensitive configuration data if an attacker gains access to the system or backups.

What this means

What could happen

An attacker with access to the Siveillance Video system or its backups could read and modify video surveillance configuration settings, potentially disabling monitoring, altering retention policies, or exfiltrating system credentials stored in configuration files.

Who's at risk

Owners and operators of Siemens Siveillance Video surveillance systems (V2024 R1 and later) used in facility monitoring for critical infrastructure, manufacturing plants, data centers, or utilities. This affects any organization that has upgraded to V2024 R1 from an earlier version.

How it could be exploited

An attacker must have local or network access to the Siveillance Video system or possess backup files created after the V2024 R1 update. Because password protection was reset during the update, they can read system configuration files without authentication. They can then extract or modify surveillance settings and stored credentials.

Prerequisites

Local or network access to Siveillance Video system or its backup files
System updated from pre-V2024 R1 version to V2024 R1
Knowledge of where backup files are stored

password reset during upgradeno patch availableaffects backup dataconfiguration file exposurehigh attack complexity mitigates risk

Exploitability

Unlikely to be exploited — EPSS score 0.2%

Affected products (1)

ProductAffected VersionsFix Status

Siveillance Video≥ V24.1No fix (EOL)

Remediation & Mitigation

0/4

Do now

0/2

WORKAROUNDChange the system configuration password settings in Siveillance Video systems updated to V2024 R1 (see Siveillance Video 2024 R1 Administrator Manual page 268)

HARDENINGSecure backup files created after V2024 R1 update with access controls and encryption

Mitigations - no patch available

0/2

Siveillance Video has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGRestrict network access to Siveillance Video systems and backup storage using firewall rules and access control lists

HARDENINGIsolate Siveillance Video surveillance network from business network using a DMZ or separate network segment

CVEs (1)

CVE-2025-1688

View full CISA ICS-CERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/79d2d0bc-1b43-4846-94ad-1ae06e0501bd

Get OT security insights every Tuesday

Advisory breakdowns, a weekly summary, and incident analyses for the people actually defending OT environments. Free, no account required.