Detections
Analytics
ThroughTek P2P SDK Cleartext Transmission of Sensitive Information (CVE-2021-32934)
high Tenable OT Security Plugin ID 502280
Synopsis
The remote OT asset is affected by a vulnerability.Description
ThroughTek supplies multiple original equipment manufacturers of IP cameras & recorders with P2P connections as part of its cloud platform. Successful exploitation of this vulnerability could permit unauthorized access to sensitive information, such as camera audio/video feeds.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.ThroughTek recommends original equipment manufacturers to implement the following mitigations:
- If SDK is Version 3.1.10 and above, enable authkey and DTLS.
- If SDK is any version prior to 3.1.10, upgrade library to v3.3.1.0 or v3.4.2.0 and enable authkey/DTLS.
Additional information can be found in ThroughTek’s advisory.
See Also
http://www.nessus.org/u?b9e1ef0c
https://www.cisa.gov/news-events/ics-advisories/icsa-21-166-01
Plugin Details
Severity: High
ID: 502280
Version: 1.4
Type: remote
Family: Tenable.ot
Published: 6/26/2024
Updated: 6/28/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Score Source: CVE-2021-32934
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:hanwhavision:prn-3210b2_firmware, cpe:/o:hanwhavision:xrn-1610sa_firmware, cpe:/o:hanwhavision:prn-3200b4_firmware, cpe:/o:hanwhavision:xrn-1620b2_firmware, cpe:/o:hanwhavision:qrn-430s_firmware, cpe:/o:hanwhavision:prn-6400db4_firmware, cpe:/o:hanwhavision:xrn-410s_firmware, cpe:/o:hanwhavision:prn-6410db4_firmware, cpe:/o:hanwhavision:xrn-3210rb2_firmware, cpe:/o:hanwhavision:qrn-420s_firmware, cpe:/o:hanwhavision:xrn-420s_firmware, cpe:/o:hanwhavision:prn-1605b2_firmware, cpe:/o:hanwhavision:qrn-410_firmware, cpe:/o:hanwhavision:prn-3200b2_firmware, cpe:/o:hanwhavision:hrx-421_firmware, cpe:/o:hanwhavision:xrn-3210b2_firmware, cpe:/o:hanwhavision:prn-6405b4_firmware, cpe:/o:hanwhavision:prn-6400b4_firmware, cpe:/o:hanwhavision:hrx-434_firmware, cpe:/o:hanwhavision:prn-6410b4_firmware, cpe:/o:hanwhavision:xrn-2011a_firmware, cpe:/o:hanwhavision:hrx-1621_firmware, cpe:/o:hanwhavision:prn-1600b2_firmware, cpe:/o:hanwhavision:xrn-6410rb2_firmware, cpe:/o:hanwhavision:prn-3205b2_firmware, cpe:/o:hanwhavision:prn-3210b4_firmware, cpe:/o:hanwhavision:qrn-410s_firmware, cpe:/o:hanwhavision:xrn-1620sb1_firmware, cpe:/o:hanwhavision:qrn-1610s_firmware, cpe:/o:hanwhavision:xrn-6410b2_firmware, cpe:/o:hanwhavision:hrx-1620_firmware, cpe:/o:hanwhavision:xrn-820s_firmware, cpe:/o:hanwhavision:xrn-6410db4_firmware, cpe:/o:hanwhavision:xrn-810s_firmware, cpe:/o:hanwhavision:prn-3205b4_firmware, cpe:/o:hanwhavision:xrn-6410b4_firmware, cpe:/o:hanwhavision:hrx-420_firmware, cpe:/o:hanwhavision:hrx-1632_firmware, cpe:/o:hanwhavision:qrn-810s_firmware, cpe:/o:hanwhavision:hrx-821_firmware, cpe:/o:hanwhavision:xrn-1610a_firmware, cpe:/o:hanwhavision:prn-1610b2_firmware, cpe:/o:hanwhavision:qrn-820s_firmware, cpe:/o:hanwhavision:xrn-3010a_firmware, cpe:/o:hanwhavision:hrx-820_firmware, cpe:/o:hanwhavision:hrx-835_firmware, cpe:/o:hanwhavision:hrx-435_firmware, cpe:/o:hanwhavision:xrn-3210b4_firmware, cpe:/o:hanwhavision:qrn-810_firmware, cpe:/o:hanwhavision:xrn-2010a_firmware, cpe:/o:hanwhavision:prn-6405db4_firmware, cpe:/o:hanwhavision:lrn-410s_firmware, cpe:/o:hanwhavision:lrn-810s_firmware
Required KB Items: Tenable.ot/HanwhaVision
Exploit Ease: No known exploits are available
Patch Publication Date: 5/19/2022
Vulnerability Publication Date: 5/19/2022
Reference Information
CVE: CVE-2021-32934