Vulnerabilities found in Axis camera software

By Dylan Bushell-Embling
Friday, 18 August, 2023

Vulnerabilities found in Axis camera software

Six vulnerabilities have been discovered in Axis camera systems that could potentially allow attackers to steal credentials and gain full device privileges, according to Nozomi Networks.

The vulnerabilities discovered by Nozomi Networks Labs are present in the License Plate Verifier software product offered by Axis Communications.

The issues could collectively enable attackers to exfiltrate credentials to access additional systems, elevate privileges to reach forbidden functionalities and even gain arbitrary code execution with full privileges on the device.

After discovering the vulnerabilities, Nozomi Networks informed Axis, which released additional details of the vulnerabilities as well as instructions to update the affected applications to a newer version.

The updated versions of the software can be manually installed by downloading it from the Axis webpage, or automatically installed by upgrading the device firmware to the latest version.

Axis Product Security Team lead Andrew Bastert said the company thanks Nozomi for their “excellent research and good collaboration” throughout the disclosure process.

“It is the second time after some work in 2021 that we had the pleasure now to work together with Nozomi Networks and benefited from their expertise,” he said.

“Axis Communications welcomes security researchers and ethical hackers to inspect our products and applications as it is our belief that long-term sustainable cybersecurity is created through collaboration and transparency.”

Image credit:

Related News

Lack of leadership buy-in biggest obstacle to digital trust: report

A new report from ISACA says that many organisations say that in five years digital trust will be...

Lack of customer confidence affecting security strategies: report

A survey from LogRhythm finds three-quarters of ANZ companies changed their security strategy...

IMT sector was Australia's most targeted in 2023: report

The information, media and technology sector has been the Australian industry most targeted...

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd