Skip to main content

Vulnerabilities affecting the SharpX and SharpZ3

November 6th, 2020

High-severity vulnerabilities that can lead to permanent denial of service have been discovered for some versions of the SharpOS that are embedded in the Security Center AutoVu™ SharpX and SharpZ3 ALPR cameras. These vulnerabilities were privately disclosed by a third-party to Genetec Inc. There is currently no evidence of these vulnerabilities being exploited to disrupt AutoVu™ Sharp cameras.

Update : Please see ICSA-20-343-01 and AMNESIA:33 for more details on the vulnerabilities underneath this advisory. Genetec would like to thank Forescout Technologies for the patch validation and the Cybersecurity & Infrastructure Security Agency (CISA) for the coordination.

Risk assessment

These vulnerabilities affect the network aspect of the SharpOS version 10, 11, and 13. An attacker can leverage those vulnerabilities to cause a permanent denial of service which results in the camera being permanently inaccessible. Temporary denial of service can also be caused by rebooting the camera. The CVSS v3.0 score for those vulnerabilities in the context of the AutoVu™ Sharp cameras is 7.5 (High).

Details

An unauthenticated attacker can send malicious packets on the network to exploit this vulnerability.

The vulnerabilities affect SharpOS versions 10, 11, and 13. Those versions are used by the mobile version of the AutoVu™ Sharp cameras which are respectively the SharpX and SharpZ3. See the table below for more details.

Recommendation

Genetec Inc, recommends updating to SharpOS version 10.2SR4, 11.8 SR1, or 13.3.0 depending on the version of the camera.

Workarounds

If the security patches can’t be applied in a timely fashion, do not expose an affected camera on a network where it can receive malicious packets. Disconnect affected cameras from the internet.

Affected products

Product

Affected?

Patch release version

 Autovu Sharp (1, 1.5, 2.0, 3.0)

No

N/A

SharpV

No

N/A

SharpX (X1/X2)
SharpXM (X2M / X4M)

Yes

10.2 SR4

SharpXS (X1S / X2S)
SharpXSM (X1SM / X2SM)
SharpXSU (X1SU / X2SU)

Yes

11.8 SR1

SharpZ3

Yes

13.3.0

For more information or assistance, please log in to the Genetec Technical Assistance Portal (GTAP) to open a support case.

To log in to the Genetec Portal, you must be a Security Center user with the appropriate credentials.  If you do not have access credentials, please contact channelsales@genetec.com