Your one-stop web resource providing safety and security information to manufacturers

Geutebrück released new firmware to mitigate cross-site scripting and OS command injection vulnerabilities in its G-Cam and G-Code, according to a report with NCCIC.

Successful exploitation of these remotely exploitable vulnerabilities could allow remote code execution as root and remote code execution in the browser of the IP camera operator.

RELATED STORIES
Phoenix Contact Fixes Switch Issue
Phoenix Contact Fixes PLCNext Holes
Rapid7 Clears Insight Vulnerability
B&R Automation Fixes Vulnerabilities

Romain Luyer and Guillaume Gronnier from CEIS, and Davy Douhine from RandoriSec reported these vulnerabilities.

Geutebruck reports the vulnerabilities affect the following Encoder and E2 Series Camera versions and models:
• G-Code: All versions 1.12.0.25 and prior
o EEC-2xxx
• G-Cam: All versions 1.12.0.25 and prior
o EBC-21xx
o EFD-22xx
o ETHC-22xx
o EWPC-22xx

Schneider Bold

In one issue, a cross-site scripting vulnerability allows a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user’s browser.

CVE-2019-10957 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.8.

In addition, using a specially crafted URL command, a remote authenticated user can execute commands as root.

CVE-2019-10956 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.2.

Also, user input is not properly validated, which could allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root.

CVE-2019-10958 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 7.2.

The product sees use in the commercial facilities, energy, financial services, government facilities, healthcare and public health, and transportation systems sectors. It also sees action on a global basis.

No known public exploits specifically target these vulnerabilities. However, an attacker with low skill level could leverage the vulnerabilities.

Germany-based Geutebruck recommends users upgrade to the latest firmware, Version 1.12.13.2 or later (Login Required).

Geutebruck also released a security advisory (Login Required).

Pin It on Pinterest

Share This