OTPulse
FeedAboutContact

Authentication Bypass and Information Disclosure Vulnerabilities in SiNVR/SiVMS Video Server

Act Now9.8SSA-761617Dec 10, 2019
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

SiNVR/SiVMS Video Server contains two critical vulnerabilities: an authentication bypass (CVE-2019-18339) that allows unauthenticated access to the server, and an information disclosure vulnerability (CVE-2019-18340) that exposes sensitive data. Versions below V5.0.0 can be fixed by updating to V5.0.0 or later. However, versions V5.0.0 and later have no patch available. For the legacy SiNVR-branded product, fixes are available only under the PKE brand name.

What this means
What could happen
An attacker could bypass authentication to access the video server without credentials, allowing them to view surveillance feeds, retrieve stored video, or potentially modify configurations that control security camera systems. A separate information disclosure vulnerability could expose sensitive data stored on the server.
Who's at risk
This affects organizations running SiNVR/SiVMS video surveillance systems, including municipal utilities, water authorities, and critical infrastructure facilities that rely on IP-based video monitoring for facility security. Any installation using these video servers versions prior to 5.0.0 is at risk.
How it could be exploited
An attacker on the network sends a specially crafted request to the SiNVR/SiVMS Video Server that exploits the authentication bypass to gain access without providing valid credentials. Once authenticated, they can query the server for video feeds and system information.
Prerequisites
  • Network access to the SiNVR/SiVMS Video Server port (typically 80 or 443)
  • No valid credentials required
Remotely exploitableNo authentication requiredLow complexity attackHigh CVSS (9.8)Affects security systems (video surveillance)Unfixed versions for V5.0.0+
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (2)
1 with fix1 pending
ProductAffected VersionsFix Status
SiNVR/SiVMS Video Server<V5.0.05.0.0
SiNVR/SiVMS Video Server≥ V5.0.0No fix yet
Remediation & Mitigation
0/3
Do now
0/2
SiNVR/SiVMS Video Server
HOTFIXUpdate SiNVR/SiVMS Video Server versions below V5.0.0 to version 5.0.0 or later immediately
All products
HOTFIXContact PKE directly for patched versions if using the legacy SiNVR branded product, as fixes are only available under the PKE brand name
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HARDENINGFor Video Server versions V5.0.0 and later with no fix available, implement network segmentation to restrict access to the video server to only authorized management systems and ensure strict firewall rules allow only necessary connections
View full Siemens ProductCERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/c7f31429-84fc-4409-90f3-02efc7333bf4
Authentication Bypass and Information Disclosure Vulnerabilities in SiNVR/SiVMS Video Server | CVSS 9.8 - OTPulse