Detections
Analytics
GeoVision GV-ADR2701 Improper Authentication (CVE-2023-3638)
critical Tenable OT Security Plugin ID 502675
Synopsis
The remote OT asset is affected by a vulnerability.Description
In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application.This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
Solution
The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.GeoVision recommends that users of these devices upgrade to newer models with the latest firmware update which they have verified are not vulnerable to this issue such as TDR2704, TDR2702, or TDR2700. Alternatively, users could restrict connection of these cameras to closed local area networks isolated from internet connection.
See Also
https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-05
Plugin Details
Severity: Critical
ID: 502675
Version: 1.3
Type: remote
Family: Tenable.ot
Published: 11/19/2024
Updated: 11/20/2024
Supported Sensors: Tenable OT Security
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2023-3638
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:geovision:gv-adr2701_firmware:1.00_2017_12_15
Required KB Items: Tenable.ot/GeoVision
Exploit Ease: No known exploits are available
Patch Publication Date: 7/19/2023
Vulnerability Publication Date: 7/19/2023
Reference Information
CVE: CVE-2023-3638
CWE: 287