Security vulnerabilities for Sony IP cameras

December 7, 2016

Security vulnerabilities have been discovered for Sony IPELA Engine IP cameras that allow attackers to execute code remotely using hardcoded credentials.

Multiple security vulnerabilities have been discovered for some Sony IPELA Engine IP cameras that allow an attacker to enable Telnet/SSH service for remote administration over the network. This can later be used to obtain a linux shell with root privileges. Around 80 Generation 5 and 6 camera models are affected. Sony has published firmware updates for those models.

The Genetec Inc. product that is affected by this vulnerability includes the Security Center Omnicast™ video management system.

Following the release of the new firmware from Sony, Genetec has updated its supported device list and now officially supports this new firmware. Clients can now safely update any Sony products affected by this vulnerability.

Please refer to the vulnerability report on the SEC Consult website for the complete list of affected products and firmware.

For more information on the exact firmware supported by Security Center, please consult the Genetec Technical Assistance Portal (GTAP)*.

*Note: To log into the Genetec Portal, you must be a Security Center user with the appropriate credentials.  If you do not have access credentials, please contact insidesales@genetec.com.
Previous Article
3 clever ways to use video surveillance to enhance customer service
3 clever ways to use video surveillance to enhance customer service

‘U.S. brands are losing approximately $41 billion each year due to poor customer service’, this was conclud...

Next Video
Video import tool
Video import tool

Security Center enables organizations to leverage a common platform with which they can manage and maintain...