Schneider Electric recently developed a firmware update for its Pelco VideoXpert Enterprise product to address several vulnerabilities, including a high severity code execution flaw.
Pelco VideoXpert Enterprise is a video management system used in commercial facilities worldwide. Researcher Gjoko Krstic discovered that the product is affected by two directory traversal bugs and an improper access control issue that can allow arbitrary code execution.
The most serious of the flaws is CVE-2017-9966, which allows an attacker to replace certain files and execute malicious code with system privileges, Schneider Electric and ICS-CERT said in their advisories.
The directory traversal vulnerabilities are tracked as CVE-2017-9964 and CVE-2017-9965, and they have been classified as medium severity. The first security hole allows an attacker to bypass authentication or hijack sessions by “sniffing communications.”
The second directory traversal can be exploited by an unauthorized user to access web server files that could contain sensitive information.
These Pelco VideoXpert Enterprise vulnerabilities have been patched with the release of firmware version 2.1. All prior versions are affected.
This is the third round of Pelco product vulnerabilities covered in advisories published by ICS-CERT. The organization also released an advisory in June 2016 for a serious vulnerability in the Digital Sentry video management system, and in March 2015 for a high severity flaw in the DS-NVs software package.