PT-2016-5998 · Schneider Electric · Pelco Digital Sentry Video Management System

Published

2016-07-15

Updated

2016-11-28

CVE-2016-4520

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Schneider Electric Pelco Digital Sentry Video Management System versions prior to 7.14

Description The issue concerns hardcoded credentials in the system, allowing remote attackers to gain access and execute arbitrary code through unspecified vectors.

Recommendations For versions prior to 7.14, update the firmware to version 7.14 or later to resolve the issue. As a temporary workaround, consider restricting remote access to the system until the update can be applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2016-4520

Affected Products

Pelco Digital Sentry Video Management System

PT-2016-5998 · Schneider Electric · Pelco Digital Sentry Video Management System

CVE-2016-4520

Related Identifiers

Affected Products

References · 5