Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras


Summary

A denial of service (DoS) vulnerability exists in the Cisco Video Surveillance IP Cameras 2421, 2500 series and 2600 series of devices. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted RTSP TCP packets to an affected device. Successful exploitation prevents cameras from sending video streams, subsequently causing a reboot. The camera reboot is done automatically and does not require action from an operator.

There are no workarounds available to mitigate exploitation of this vulnerability that can be applied on the Cisco Video Surveillance IP Cameras.  Mitigations that can be deployed on Cisco devices within the network are available.

This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-camera.

Note: Effective October 18, 2011, Cisco moved the current list of Cisco Security Advisories and Responses published by Cisco PSIRT. The new location is http://tools.cisco.com/security/center/publicationListing. You can also navigate to this page from the Cisco Products and Services menu of the Cisco Security Intelligence Operations (SIO) Portal. Following this transition, new Cisco Security Advisories and Responses will be published to the new location. Although the URL has changed, the content of security documents and the vulnerability policy are not impacted. Cisco will continue to disclose security vulnerabilities in accordance with the published Security Vulnerability Policy.




Affected Products





Vulnerable Products



Cisco Video Surveillance IP Cameras 2421, 2500 series, and 2600 series are affected by this vulnerability.

For Cisco Video Surveillance 2421 and 2500 series IP Cameras, all 1.1.x software releases and releases prior to 2.4.0 are affected by this vulnerability.

For Cisco Video Surveillance 2600 IP Camera, all software releases before 4.2.0-13 are affected by this vulnerability.

To check the version of system firmware that is running on the device and to determine device model, log in to the device with the web management interface, and navigate to the Status page.





Products Confirmed Not Vulnerable













Details

















Vulnerability Scoring Details


Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding CVSS at http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html.

Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at http://intellishield.cisco.com/security/alertmanager/cvss.






CSCtj96312, CSCtj39462, CSCtl80175: Cisco Video Surveillance IP Cameras RTSP Crafted Packet Vulnerability






CVSS Base Score - 7.8

Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: None
Integrity Impact: None
Availability Impact: Complete

CVSS Temporal Score - 6.4

Exploitability: Functional
Remediation Level: Official-Fix
Report Confidence: Confirmed
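
The base and temporal scores above can be reproduced, and an environmental score derived for an individual network, from the CVSS version 2.0 equations. The Python below is an added example and is not part of the Cisco advisory; the metric weights and equations are those of the CVSS v2.0 specification, and the deployment values in the last call (Availability Requirement High, Collateral Damage Potential Low-Medium, Target Distribution Medium) are constructed for illustration.

```python
from decimal import Decimal, ROUND_HALF_UP

# Metric weights from the CVSS v2.0 specification.
AV = {"Local": 0.395, "Adjacent": 0.646, "Network": 1.0}
AC = {"High": 0.35, "Medium": 0.61, "Low": 0.71}
AU = {"Multiple": 0.45, "Single": 0.56, "None": 0.704}
CIA = {"None": 0.0, "Partial": 0.275, "Complete": 0.660}
E = {"Unproven": 0.85, "Proof-of-Concept": 0.9, "Functional": 0.95, "High": 1.0}
RL = {"Official-Fix": 0.87, "Temporary-Fix": 0.90, "Workaround": 0.95, "Unavailable": 1.0}
RC = {"Unconfirmed": 0.90, "Uncorroborated": 0.95, "Confirmed": 1.0}
REQ = {"Low": 0.5, "Medium": 1.0, "High": 1.51}  # security requirements CR / IR / AR
CDP = {"None": 0.0, "Low": 0.1, "Low-Medium": 0.3, "Medium-High": 0.4, "High": 0.5}
TD = {"None": 0.0, "Low": 0.25, "Medium": 0.75, "High": 1.0}

# Base and temporal metrics exactly as listed in this advisory.
ADVISORY = {"AV": "Network", "AC": "Low", "Au": "None", "C": "None", "I": "None",
            "A": "Complete", "E": "Functional", "RL": "Official-Fix", "RC": "Confirmed"}

def r1(x):
    """Round to one decimal place, half up, as the CVSS v2 equations specify."""
    return float(Decimal(repr(x)).quantize(Decimal("0.1"), rounding=ROUND_HALF_UP))

def impact(v, cr="Medium", ir="Medium", ar="Medium"):
    c, i, a = CIA[v["C"]] * REQ[cr], CIA[v["I"]] * REQ[ir], CIA[v["A"]] * REQ[ar]
    return 10.41 * (1 - (1 - c) * (1 - i) * (1 - a))

def _base(v, imp):
    exploitability = 20 * AV[v["AV"]] * AC[v["AC"]] * AU[v["Au"]]
    return r1((0.6 * imp + 0.4 * exploitability - 1.5) * (0.0 if imp == 0 else 1.176))

def base_score(v):
    return _base(v, impact(v))

def temporal_score(v, base=None):
    base = base_score(v) if base is None else base
    return r1(base * E[v["E"]] * RL[v["RL"]] * RC[v["RC"]])

def environmental_score(v, cdp, td, cr="Medium", ir="Medium", ar="Medium"):
    adj_impact = min(10.0, impact(v, cr, ir, ar))       # AdjustedImpact is capped at 10
    adj_temporal = temporal_score(v, _base(v, adj_impact))
    return r1((adj_temporal + (10 - adj_temporal) * CDP[cdp]) * TD[td])

if __name__ == "__main__":
    print("base", base_score(ADVISORY), "temporal", temporal_score(ADVISORY))
    # Constructed deployment: video availability is critical, most cameras affected.
    print("environmental", environmental_score(ADVISORY, "Low-Medium", "Medium", ar="High"))
```
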





Impact


Successful exploitation of the vulnerability may result in a DoS condition. Subsequent exploitation may result in a sustained DoS condition, as the cameras will continue to reload.



Software Versions and Fixes
















Workarounds









Obtaining Fixed Software











































Exploitation and Public Announcements











Status of this Notice: Final










Distribution






























Revision History
















Cisco Security Procedures