exacqvision-web-service
CVE-2021-27664 is a critical vulnerability affecting the exacqVision Web Service, specifically version 21.06.11.0. The flaw allows an unauthenticated remote user to gain access to credentials stored within the exacqVision server. The potential impact is significant: unauthorized access to, and control of, the surveillance system. A patch is available to address this vulnerability.
The core of this vulnerability lies in the improper handling of credentials within the exacqVision Web Service. An attacker, without requiring any authentication, can exploit this flaw to retrieve sensitive information, including usernames and passwords used by the system or its users. This stolen data can then be leveraged to gain unauthorized access to the exacqVision system itself, potentially allowing the attacker to view live camera feeds, access recorded video, and even modify system configurations. The blast radius extends beyond the immediate surveillance system; compromised credentials could be used for lateral movement within the network, impacting other connected systems and data. This vulnerability shares similarities with other credential leakage issues where weak access controls expose sensitive data to external threats.
CVE-2021-27664 was publicly disclosed on October 11, 2021. While no active exploitation campaigns have been definitively confirmed, the critical severity and ease of exploitation make it a high-priority target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are likely to emerge given the vulnerability's nature and severity.
Organizations utilizing exacqVision for video surveillance, particularly those with internet-facing deployments, are at significant risk. Systems with default configurations or weak password policies are especially vulnerable. Shared hosting environments where multiple customers share the same exacqVision instance also face increased exposure.
• windows / supply-chain: Monitor network traffic for attempts to access the exacqVision web service from unauthorized IP addresses. Examine Windows Event Logs for suspicious login attempts or credential access events, for example failed logons (event ID 4625):
Get-WinEvent -LogName Security -FilterXPath "*[System[Provider[@Name='Microsoft-Windows-Security-Auditing'] and EventID=4625]]"
• linux / server: Monitor system logs (e.g., /var/log/auth.log) for failed login attempts or unusual activity related to the exacqVision service. Use lsof to identify processes accessing credential files:
lsof /path/to/exacqvision/credential/file
• generic web: Monitor web server access logs for requests targeting the exacqVision web service from unusual IP addresses or user agents. Check response headers for any signs of credential leakage:
curl -I <exacqvision_url> | grep -i 'WWW-Authenticate'
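As an added example for the access-log guidance above (this is not code from the advisory, from exacqVision or from Johnson Controls), the following Python script reviews web-server access log lines for the signals the bullets call out: requests from sources outside an approved address range, unexpected user agents, and runs of failed authentications. The allowed ranges, the expected user-agent prefixes, the request paths and the log lines are all constructed assumptions for the example; the page does not document exacqVision's real paths or log format.

```python
"""Review web-server access logs for the signals the detection bullets describe.

Added example for this advisory, not exacqVision or Johnson Controls code.
Allowed ranges, expected user agents, request paths and the log lines below
are constructed assumptions for illustration.
"""
import ipaddress
import re
from collections import Counter
from dataclasses import dataclass

# Combined Log Format as written by Apache/nginx:
#   ip ident user [time] "METHOD path PROTO" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Assumed site policy: only the management VLAN and the operators' subnet may
# reach the web service, and only browser or exacqVision client traffic is expected.
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/24"),
                   ipaddress.ip_network("192.168.50.0/24")]
EXPECTED_AGENT_PREFIXES = ("Mozilla/", "exacqVision")
FAILED_AUTH_THRESHOLD = 3  # HTTP 401 responses per source before it is reported


@dataclass
class Finding:
    ip: str
    path: str
    agent: str
    reason: str


def parse_line(line):
    """Return the log fields as a dict, or None if the line is not in CLF."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def source_allowed(ip):
    """True when the client address falls inside one of the approved ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ALLOWED_SOURCES)


def review_log(lines):
    """Return (findings, skipped): one Finding per suspicious request plus one
    per source that exceeds the failed-authentication threshold; skipped counts
    lines the parser could not read, which deserve a look of their own."""
    findings, failed_auth, skipped = [], Counter(), 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        if rec["status"] == "401":
            failed_auth[rec["ip"]] += 1
        if not source_allowed(rec["ip"]):
            findings.append(Finding(rec["ip"], rec["path"], rec["agent"],
                                    "source outside allowed ranges"))
        elif not rec["agent"].startswith(EXPECTED_AGENT_PREFIXES):
            findings.append(Finding(rec["ip"], rec["path"], rec["agent"],
                                    "unexpected user agent"))
    for ip, n in failed_auth.items():
        if n >= FAILED_AUTH_THRESHOLD:
            findings.append(Finding(ip, "-", "-",
                                    f"{n} failed authentications (HTTP 401)"))
    return findings, skipped


# Constructed sample: one clean browser session, an external scanner, an
# unexpected CLI client on the operators' subnet, and a short failed-login run.
SAMPLE_LOG = [
    '10.20.0.15 - - [11/Oct/2021:09:00:01 +0000] "GET /login HTTP/1.1" 200 1843 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [11/Oct/2021:09:00:05 +0000] "GET /login HTTP/1.1" 200 1843 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [11/Oct/2021:09:00:06 +0000] "GET /status HTTP/1.1" 200 512 "-" "python-requests/2.26"',
    '192.168.50.9 - - [11/Oct/2021:09:01:00 +0000] "GET / HTTP/1.1" 200 310 "-" "curl/7.79.1"',
    '10.20.0.15 - - [11/Oct/2021:09:02:00 +0000] "POST /login HTTP/1.1" 401 0 "-" "Mozilla/5.0"',
    '10.20.0.15 - - [11/Oct/2021:09:02:03 +0000] "POST /login HTTP/1.1" 401 0 "-" "Mozilla/5.0"',
    '10.20.0.15 - - [11/Oct/2021:09:02:07 +0000] "POST /login HTTP/1.1" 401 0 "-" "Mozilla/5.0"',
    'not a log line at all',
]

if __name__ == "__main__":
    found, unread = review_log(SAMPLE_LOG)
    for f in found:
        print(f"{f.ip:<14} {f.path:<8} {f.reason}  ({f.agent})")
    print(f"{unread} line(s) could not be parsed")
```

Run against a real log by replacing SAMPLE_LOG with the file's lines; the allowlist is the part worth tuning, since an internet-facing deployment (the case the advisory singles out) will have no legitimate external sources at all, and every hit outside the ranges is worth a ticket.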
EPSS: 0.27% (50th percentile)
The primary mitigation strategy is to immediately upgrade to a patched version of exacqVision Web Service as soon as it becomes available. Until the upgrade can be performed, several temporary workarounds can be implemented to reduce the risk. First, restrict network access to the exacqVision server, limiting exposure to external networks. Implement strong firewall rules to only allow necessary traffic. Review and audit stored credentials within the system, ensuring they adhere to strong password policies and are regularly rotated. Consider implementing multi-factor authentication (MFA) where possible to add an extra layer of security. After upgrading, confirm the vulnerability is resolved by attempting to access credentials via the web service interface and verifying that access is denied.
Update exacqVision Web Service to a non-vulnerable version. Consult the Johnson Controls advisory for more information and the fixed version.
CVE-2021-27664 is a critical vulnerability in exacqVision Web Service version 21.06.11.0 that allows unauthenticated attackers to access stored credentials.
If you are running exacqVision Web Service version 21.06.11.0, you are potentially affected by this vulnerability.
Upgrade to a patched version of exacqVision Web Service as soon as it becomes available. Implement temporary mitigations like restricting network access until the upgrade is complete.
While no confirmed active exploitation campaigns are known, the vulnerability's severity and ease of exploitation make it a high-priority target.
Refer to the official exacqVision security advisory for detailed information and updates: [https://www.exacq.com/security-advisories/](https://www.exacq.com/security-advisories/)