Dahua Security Cameras Incorrect Default Permissions (CVE-2019-9682)

high Tenable OT Security Plugin ID 502329

Synopsis

The remote OT asset is affected by a vulnerability.

Description

Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

Refer to the vendor advisory.

Plugin Details

Severity: High

ID: 502329

Version: 1.2

Type: remote

Family: Tenable.ot

Published: 7/29/2024

Updated: 7/30/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2019-9682

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:dahuasecurity:ipc-hdbw1320e-w_firmware, cpe:/o:dahuasecurity:ipc-hxxx5x4x_firmware, cpe:/o:dahuasecurity:ipc-hx7842h_firmware, cpe:/o:dahuasecurity:ipc-hx2xxx_firmware, cpe:/o:dahuasecurity:ptz1a_firmware, cpe:/o:dahuasecurity:sd1a_firmware, cpe:/o:dahuasecurity:sd5a_firmware, cpe:/o:dahuasecurity:sd50_firmware, cpe:/o:dahuasecurity:sd52c_firmware, cpe:/o:dahuasecurity:sd6al_firmware, cpe:/o:dahuasecurity:ipc-hx5842h_firmware

Required KB Items: Tenable.ot/DahuaSecurity

Exploit Ease: No known exploits are available

Patch Publication Date: 5/13/2020

Vulnerability Publication Date: 5/13/2020

Reference Information

CVE: CVE-2019-9682

CWE: 276

Detections

Analytics