Hanwha Techwin Clears Vulnerability

Tuesday, May 16, 2017 @ 03:05 PM gHale


Hanwha Techwin released new firmware to mitigate an unauthorized access vulnerability in its SRN-4000 network video management platform, according to a report with ICS-CERT.

Successful exploitation of this remotely exploitable vulnerability could allow an attacker remote access to the web management portal with admin privileges without authentication.
Can Demirel and Faruk Unal of Biznet Bilisim, who discovered the vulnerability, tested the patch.

SRN-4000 firmware versions prior to SRN4000_v2.16_170401 suffer from the vulnerability.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill level could leverage the vulnerability.

A specially crafted HTTP request and response could allow an attacker to gain access to the device management page with admin privileges without proper authentication.

CVE-2017-7912 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 9.8.

The product sees use in the commercial facilities, critical manufacturing, energy, and water and wastewater systems industries. It is also deployed on a global basis.

Seoul, South Korea-based Hanwha Techwin recommends users update to firmware Version SRN4000_v2.16_170401.zip or newer.


