Brickcom Cameras
Summary
CISA has issued an alert regarding critical vulnerabilities in specific versions of Brickcom Cameras, including Cube, Dome, Bullet, and Box models running firmware 3.2.3.5.6. Exploiting these flaws could allow unauthenticated attackers to access live video feeds, retrieve sensitive visual information, and gain administrative control of the devices.
IFF Assessment
The identified vulnerabilities in Brickcom Cameras allow unauthorized access to sensitive information and device control, posing a direct threat to security and privacy.
Severity
The CVSS score of 7.7 reflects a high severity due to the potential for remote, unauthenticated attackers to gain unauthorized access to live video feeds and administrative control, impacting confidentiality and integrity.
Defender Context
Defenders should be aware of these vulnerabilities affecting critical infrastructure sectors and commercial facilities. It is crucial to identify and secure all deployed Brickcom cameras, monitor for suspicious activity, and apply any available mitigations or patches as soon as they are released.