CVE-2020-24056

Published: Aug 21, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42units. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols.

Affected (4)

Products: Verint: 5620ptz Firmware, 4320 Firmware, S5120fd Firmware

3 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Verint 5620ptz Firmware	Version verint_fw_0_42

Running on/with	Platform Versions
Verint 5620ptz	All versions

Configuration B

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Verint 4320 Firmware	Version v4320_fw_0_23
Verint 4320 Firmware	Version v4320_fw_0_31

Running on/with	Platform Versions
Verint 4320	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Verint S5120fd Firmware	Version verint_fw_0_42units

Running on/with	Platform Versions
Verint S5120fd	All versions

Related CWEs

CWE-798

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (4)

https://ioac.tv/2Nbc40h

Source: cve@mitre.org

ExploitThird Party Advisory

https://ioactive.com/verint-ptz-cameras-multiple-vulnerabilities/

Source: cve@mitre.org

Third Party Advisory

https://ioac.tv/2Nbc40h

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://ioactive.com/verint-ptz-cameras-multiple-vulnerabilities/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.