Security Bypass Vulnerability in the SQL Client-Server Communication in Siveillance Video
Plan Patch8.7SSA-472448Nov 13, 2024
Attack VectorNetwork
Auth RequiredNone
ComplexityHigh
User InteractionNone needed
Summary
Siveillance Video is affected by a security bypass vulnerability in the Microsoft .NET implementation of SQL Client (CVE-2024-0056). This allows encryption requirements in SQL Server connections to be bypassed, potentially exposing credentials and data in transit between the video management system and its SQL database.
What this means
What could happen
An attacker with network access to the SQL connection between Siveillance Video and its database could bypass encryption, intercept credentials, and gain unauthorized access to video storage and system configuration data, potentially leading to unauthorized access, modification, or deletion of recorded video evidence and system settings.
Who's at risk
Water authorities and municipal utilities using Siveillance Video for physical security camera monitoring and forensic evidence storage. The vulnerability affects the database communication layer, so any installation using SQL Server as the backend database is at risk of credential compromise and unauthorized access to stored video and system configuration.
How it could be exploited
An attacker positioned on the network between the Siveillance Video application server and the SQL database server exploits the .NET SQL Client vulnerability to disable encrypted communication. The attacker then intercepts the connection to capture authentication credentials and database traffic, gaining access to the underlying SQL database without authentication or with captured credentials.
Prerequisites
- Network access to the SQL Server connection (typically port 1433 or configured alternate port)
- Position on the network path between Siveillance Video server and SQL database server (on-site or via compromised internal network access)
remotely exploitableno authentication required for exploitationlow complexity attackaffects safety/security monitoring systemsunpatched systems expose credentials
Exploitability
Low exploit probability (EPSS 0.9%)
Affected products (6)
6 with fix
ProductAffected VersionsFix Status
Siveillance Video 2022 R1All versions < V22.1 HotfixRev1622.1 HotfixRev16
Siveillance Video 2022 R2All versions < V22.2 HotfixRev1622.2 HotfixRev16
Siveillance Video 2022 R3All versions < V22.3 HotfixRev1522.3 HotfixRev15
Siveillance Video 2023 R1All versions < V23.1 HotfixRev1423.1 HotfixRev14
Siveillance Video 2023 R2All versions < V23.2 HotfixRev1323.2 HotfixRev13
Siveillance Video 2023 R3All versions < V23.3 HotfixRev1123.3 HotfixRev11
Remediation & Mitigation
0/8
Do now
0/1WORKAROUNDRestrict network access to SQL Server ports (typically 1433) to only the Siveillance Video application servers using firewall rules
Schedule — requires maintenance window
0/6Patching may require device reboot — plan for process interruption
Siveillance Video 2022 R1
HOTFIXUpdate Siveillance Video 2022 R1 to V22.1 HotfixRev16 or later
Siveillance Video 2022 R2
HOTFIXUpdate Siveillance Video 2022 R2 to V22.2 HotfixRev16 or later
Siveillance Video 2022 R3
HOTFIXUpdate Siveillance Video 2022 R3 to V22.3 HotfixRev15 or later
Siveillance Video 2023 R1
HOTFIXUpdate Siveillance Video 2023 R1 to V23.1 HotfixRev14 or later
Siveillance Video 2023 R2
HOTFIXUpdate Siveillance Video 2023 R2 to V23.2 HotfixRev13 or later
Siveillance Video 2023 R3
HOTFIXUpdate Siveillance Video 2023 R3 to V23.3 HotfixRev11 or later
Long-term hardening
0/1HARDENINGImplement network segmentation to isolate the SQL Server from untrusted network segments
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/2bcf5a89-68b7-4bd7-8775-61eb43b5eccf