Plattform
other
Komponente
sinvr-sivms-video-server
Behoben in
5.0.1
CVE-2019-18339 describes an authentication bypass vulnerability affecting SiNVR/SiVMS Video Server versions prior to 5.0.0. This flaw allows a remote attacker with network access to potentially read the entire user database, including passwords stored in obfuscated cleartext. The vulnerability resides in the HTTP service (default port 5401/tcp) and can be exploited even when authentication is enforced. A fix is available in version 5.0.0.
The primary impact of CVE-2019-18339 is the potential for unauthorized access to sensitive user credentials. An attacker exploiting this vulnerability can bypass authentication mechanisms and directly access the SiVMS/SiNVR user database. This database contains user accounts and their corresponding passwords, which are stored in an obfuscated, but ultimately readable, format. Successful exploitation could lead to complete compromise of the video surveillance system, enabling attackers to view live feeds, modify recordings, and potentially gain control of other connected devices. The cleartext nature of the obfuscated passwords significantly increases the risk of credential theft and subsequent lateral movement within the network.
CVE-2019-18339 was publicly disclosed on December 12, 2019. While no active exploitation campaigns have been definitively confirmed, the vulnerability's ease of exploitation and the sensitivity of the data at risk make it a potential target. The CVSS score of 9.8 (CRITICAL) reflects the severity of the vulnerability. No KEV listing is currently available.
Organizations utilizing SiNVR/SiVMS Video Server for surveillance, particularly those with legacy deployments or those who have not implemented robust network segmentation, are at significant risk. Shared hosting environments where multiple customers share the same SiNVR/SiVMS instance are also vulnerable, as a compromise of one customer could potentially expose the credentials of others.
• windows / server: Monitor network traffic for connections to port 5401/tcp from unauthorized sources. Use Windows Defender to search for suspicious processes attempting to access the SiVMS/SiNVR database.
• linux / server: Use ss -tulnp | grep 5401 to identify processes listening on port 5401. Examine system logs for authentication failures or unusual access attempts.
• generic web: Use curl -I <videoserverip>:5401 to check for the presence of the HTTP service and attempt to access it without authentication.
disclosure
Exploit-Status
EPSS
0.26% (50% Perzentil)
CVSS-Vektor
The primary mitigation for CVE-2019-18339 is to upgrade SiNVR/SiVMS Video Server to version 5.0.0 or later. If upgrading is not immediately feasible, consider implementing network segmentation to restrict access to the Video Server. Firewall rules should be configured to limit inbound traffic to port 5401/tcp from only trusted sources. While not a complete solution, monitoring network traffic for unusual connections to port 5401/tcp can provide early warning signs of potential exploitation attempts. After upgrading, verify the fix by attempting to access the Video Server's HTTP service without valid credentials; authentication should be enforced.
Aktualisieren Sie SiNVR/SiVMS Video Server auf Version 5.0.0 oder höher. Dies behebt die Authentifizierungs-Bypass-Schwachstelle im HTTP-Dienst.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2019-18339 is a critical vulnerability allowing attackers to bypass authentication and access user credentials in SiNVR/SiVMS Video Server versions before 5.0.0.
You are affected if you are running SiNVR/SiVMS Video Server versions prior to 5.0.0. All versions before 5.0.0 are vulnerable to this authentication bypass.
Upgrade SiNVR/SiVMS Video Server to version 5.0.0 or later to remediate the vulnerability. Implement network segmentation as a temporary workaround.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation suggest it remains a potential target.
Refer to the SiNVR security advisories for details and updates regarding CVE-2019-18339. Check the official SiNVR website for the latest information.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.