[vulnerability] 2023-09-21 - Server Spoofing

Created by Boris Biryuchkov
Last updated: Dec 13, 2023 by Sergey Bystrov
1 min read

UPDATE: The vulnerability is fixed(09/28). The fix is on the cloud side(no need to update systems). CVE-2023-6263

 

Details of the Vulnerability:

  • Vulnerability Name: Server spoofing

  • Affected Versions: All VMS servers connected to Сloud

  • Potential Impact: If exploited, an attacker could perform a Man in the middle attack and hijack victim’s access to VMS server

Action Taken:

Upon discovering the vulnerability, our security team has: 

  • Promptly initiated a thorough investigation. 

  • Developed and tested a security patch to address the vulnerability. This patch will be deployed on Fri, Sep 22th, 2023.

  • Engaged with cybersecurity experts to enhance our security measures moving forward.

During our investigation, we have not found any evidence of this vulnerability being exploited yet. Vulnerability exploitation is relatively hard and demands multiple prerequisites, yet still we recommend performing certain actions.

Recommended Action for Customers:

  • Immediate Action: If you are using an affected version, we strongly urge you to change the VMS server owner’s (user “admin”) local password.

  • Perform users and permissions review.

Support and Assistance:

Should you encounter any issues or require assistance with the update, please reach out to our dedicated support team at support@networkoptix.com.

Future Measures:

We are constantly enhancing our security protocols and will continue to conduct regular security audits to prevent such incidents in the future. We also plan to expand our collaboration with third-party security experts to ensure our systems remain resilient against evolving cyber threats.