CVE-2020-15785

Name of the Vulnerable Software and Affected Versions Siveillance Video Client (All versions)

Description A vulnerability has been identified where the client application transmits usernames to the server in cleartext when Windows NTLM authentication is enabled. This could allow an attacker in a privileged network position to obtain valid administrator login names and use this information to launch further attacks.

Recommendations For all versions, consider disabling Windows NTLM authentication as a temporary workaround to minimize the risk of exploitation. Restrict access to the network to prevent attackers from intercepting cleartext usernames. At the moment, there is no information about a newer version that contains a fix for this vulnerability.