PT-2023-2748 · Unknown · Siveillance Video

Published: 2023-05-09 · Updated: 2023-05-17 · CVE-2023-30899

CVSS v3.1: 9.9 (Critical)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Siveillance Video 2020 R2 versions prior to V20.2 HotfixRev14
Siveillance Video 2020 R3 versions prior to V20.3 HotfixRev12
Siveillance Video 2021 R1 versions prior to V21.1 HotfixRev12
Siveillance Video 2021 R2 versions prior to V21.2 HotfixRev8
Siveillance Video 2022 R1 versions prior to V22.1 HotfixRev7
Siveillance Video 2022 R2 versions prior to V22.2 HotfixRev5
Siveillance Video 2022 R3 versions prior to V22.3 HotfixRev2
Siveillance Video 2023 R1 versions prior to V23.1 HotfixRev1

Description

The vulnerability is caused by errors in the data serialization procedure in the Management Server component of the Siveillance VMS platform. Because data is insufficiently validated during deserialization, an authenticated remote attacker could execute code on the affected system.

Recommendations

For Siveillance Video 2020 R2 versions prior to V20.2 HotfixRev14, update to V20.2 HotfixRev14 or later.
For Siveillance Video 2020 R3 versions prior to V20.3 HotfixRev12, update to V20.3 HotfixRev12 or later.
For Siveillance Video 2021 R1 versions prior to V21.1 HotfixRev12, update to V21.1 HotfixRev12 or later.
For Siveillance Video 2021 R2 versions prior to V21.2 HotfixRev8, update to V21.2 HotfixRev8 or later.
For Siveillance Video 2022 R1 versions prior to V22.1 HotfixRev7, update to V22.1 HotfixRev7 or later.
For Siveillance Video 2022 R2 versions prior to V22.2 HotfixRev5, update to V22.2 HotfixRev5 or later.
For Siveillance Video 2022 R3 versions prior to V22.3 HotfixRev2, update to V22.3 HotfixRev2 or later.
For Siveillance Video 2023 R1 versions prior to V23.1 HotfixRev1, update to V23.1 HotfixRev1 or later.

Fix

Deserialization of Untrusted Data

Weakness Enumeration

Related Identifiers

BDU:2023-02595
CVE-2023-30899

Affected Products

Siveillance Video