Schneider Electric Pelco Digital Sentry Video Management System Vulnerability
CVE-2016-4520
A hard-coded credential vulnerability in Schneider Electric’s Pelco Digital Sentry Video Management System. Schneider Electric has produced a new firmware version to mitigate this vulnerability.
AFFECTED PRODUCTS
- Pelco Digital Sentry Video Management System, versions prior to Version 7.13
IMPACT
Successful exploitation of this vulnerability may allow an attacker to gain access to execute code on the affected system.
VULNERABILITY
The affected product, Pelco Digital Sentry Video Management System, is a video recording system. According to Schneider Electric, Pelco Digital Sentry Video Management System is deployed across several sectors including Commercial Facilities. Schneider Electric estimates that these products are used worldwide.
VULNERABILITY
The affected system contains hard-coded credentials that may allow an attacker to gain access to confidential information or execute code on the affected system.
EXPLOITABILITY
This vulnerability could be exploited remotely.
MITIGATION
Schneider Electric has produced new firmware, Version 7.14, for the Pelco Digital Sentry Video Management System.