OTPulse

Information Disclosure Vulnerability in Siveillance Video Camera Drivers

Plan Patch · CVSS 7.8 · SSA-404759 · Jan 14, 2025
Attack Vector: Local
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary

Several camera device drivers in the Siveillance Video Device Pack store camera credentials in log files when authentication fails. A local attacker with access to the Recording Server could read these stored credentials under specific conditions, potentially gaining unauthorized access to video cameras. The vulnerability affects versions prior to 13.5. Siemens recommends updating all deployments of Siveillance Video to version 13.5 or later, which contains corrected device drivers that do not log credentials during failed authentication attempts.

What this means
What could happen
A local attacker with access to the Recording Server could read camera credentials from log files left by failed authentication attempts, potentially gaining unauthorized access to video cameras across the surveillance network.
Who's at risk
Water utilities, electric utilities, and other critical infrastructure operators using Siemens Siveillance Video systems for facility surveillance. Anyone relying on the Recording Server for camera management and authentication should apply this patch. Affects video device drivers in the Device Pack used by enterprise surveillance deployments.
How it could be exploited
An attacker with local access to the Siveillance Recording Server filesystem can examine log files generated during camera authentication failures to extract stored credentials. This requires the attacker to already have shell access or file-browsing capability on the server itself.
Prerequisites
  • Local file system access to the Siveillance Recording Server
  • User or system account with permission to read application log files
  • Knowledge of log file location or access to log directory
  • Camera authentication failures must have occurred and logs retained
Local access required · Credential exposure in logs · Affects surveillance/security system · Low EPSS score (0.1%)
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
Siveillance Video Device Pack | < V13.5 | 13.5
Remediation & Mitigation
Do now
HARDENING: Review and restrict file system access to Recording Server log directories to authorized administrators only
WORKAROUND: Audit existing log files for stored camera credentials and securely remove or rotate exposed credentials
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Siveillance Video Device Pack to version 13.5 or later
Long-term hardening
HARDENING: Implement log rotation and retention policies to limit exposure window of sensitive log data
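
One way to carry out the "Audit existing log files" workaround above: an added example, not part of the advisory or any Siemens tooling. It reports which log lines contain credential-like strings while redacting the value, so the audit report does not become a second copy of the secret. The patterns, the `*.log` glob and the sample lines are assumptions, since the advisory does not document the drivers' log format or location.

```python
import re
import tempfile
from pathlib import Path

# Assumed credential shapes: the advisory does not document the drivers' log
# format, so extend these patterns after inspecting real log lines.
PATTERNS = [
    ("key=value", re.compile(r"(?i)\b(?:password|passwd|pwd)\b\s*[=:]\s*(\S+)")),
    ("url-userinfo", re.compile(r"(?i)\b(?:https?|rtsp)://[^/\s:@]+:([^@\s/]+)@")),
    ("basic-auth", re.compile(r"(?i)\bAuthorization:\s*Basic\s+([A-Za-z0-9+/=]{8,})")),
]

def mask_secret(m):
    # Replace only the captured secret, keeping the text around it.
    s, e = m.start(1) - m.start(), m.end(1) - m.start()
    return m.group(0)[:s] + "[REDACTED]" + m.group(0)[e:]

def scan_line(line):
    """Return (matched pattern names, line with the secrets redacted)."""
    kinds = []
    for kind, rx in PATTERNS:
        line, n = rx.subn(mask_secret, line)
        if n:
            kinds.append(kind)
    return kinds, line

def audit_logs(log_dir, glob="*.log"):
    """Scan log_dir recursively; return (file, line number, kinds, redacted line)."""
    findings = []
    for path in sorted(Path(log_dir).rglob(glob)):
        # Assumes UTF-8/ASCII logs; undecodable bytes are replaced, not fatal.
        with open(path, encoding="utf-8", errors="replace") as fh:
            for lineno, raw in enumerate(fh, 1):
                kinds, redacted = scan_line(raw.rstrip("\r\n"))
                if kinds:
                    findings.append((path.name, lineno, kinds, redacted))
    return findings

if __name__ == "__main__":
    # Constructed sample lines, not real Siveillance driver output.
    sample = "\n".join([
        "2025-01-10 08:00:01 ERROR auth failed for 192.0.2.10 user=root password=Hunter2!",
        "2025-01-10 08:00:02 ERROR GET rtsp://root:camPass9@192.0.2.10/stream -> 401",
        "2025-01-10 08:00:03 WARN camera 192.0.2.11 unreachable, retrying",
    ])
    with tempfile.TemporaryDirectory() as d:
        Path(d, "driver.log").write_text(sample, encoding="utf-8")
        for name, lineno, kinds, redacted in audit_logs(d):
            print(f"{name}:{lineno} [{','.join(kinds)}] {redacted}")
```

Any camera whose log lines are flagged should have its credentials rotated, and the affected log files removed or restricted, as the workaround states.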
Information Disclosure Vulnerability in Siveillance Video Camera Drivers | CVSS 7.8 - OTPulse