Critical security vulnerability for Siemens-branded IP-based CCTV cameras

December 5, 2016

A critical security vulnerability has been discovered for Siemens-branded IP-based CCTV cameras that allow remote attackers to obtain administrative credentials from the integrated web server.

A critical security vulnerability (CVSS score 9.8/10) has been discovered for some Siemens-branded IP-based CCTV cameras that allow remote attackers to obtain administrative credentials from the integrated web server. Siemens has published firmware updates and encourages customers to upgrade to the new versions as soon as possible to protect against this vulnerability.

The Genetec Inc. product that is affected by this vulnerability includes the Security Center Omnicast™ video management system. 

Following the release of the new firmware from Siemens, Genetec has tested the compatibility with its products. Genetec now officially supports this new firmware and the included security updates. Clients can now safely update any Siemens products affected by this vulnerability.

Please refer to the vulnerability report CVE-2016-9155 on the Siemens website for the complete list of affected products and firmware.  

For more information on the exact firmware supported by Security Center, please consult the Genetec Technical Assistance Portal (GTAP)*.

*Note: To log into the Genetec Portal, you must be a Security Center user with the appropriate credentials. If you do not have access credentials, please contact insidesales@genetec.com.
Previous Article
Behind the scenes of an American football championship game
Behind the scenes of an American football championship game

The countdown is on. The biggest event in American football is only days away and fans are ready for the ac...

Next Article
Decision management series – Part 4
Decision management series – Part 4

Having looked at how Mission Control can increase Situational Intelligence and simplify an operator’s exper...