Vulnerability Description
A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Johnsoncontrols | Illustra Pro Gen 4 Dome Firmware | <= ss016.05.09.04.0006 |
| Johnsoncontrols | Illustra Pro Gen 4 Dome | - |
| Johnsoncontrols | Illustra Pro Gen 4 Ptz Firmware | <= ss010.05.09.04.0022 |
| Johnsoncontrols | Illustra Pro Gen 4 Ptz | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02Third Party AdvisoryUS Government Resource
- https://www.johnsoncontrols.com/cyber-solutions/security-advisoriesBroken Link
- https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-02Third Party AdvisoryUS Government Resource
- https://www.johnsoncontrols.com/cyber-solutions/security-advisoriesBroken Link
FAQ
What is CVE-2023-0954?
CVE-2023-0954 is a vulnerability with a CVSS score of 8.3 (HIGH). A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.
How severe is CVE-2023-0954?
CVE-2023-0954 has been rated HIGH with a CVSS base score of 8.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-0954?
Check the references section above for vendor advisories and patch information. Affected products include: Johnsoncontrols Illustra Pro Gen 4 Dome Firmware, Johnsoncontrols Illustra Pro Gen 4 Dome, Johnsoncontrols Illustra Pro Gen 4 Ptz Firmware, Johnsoncontrols Illustra Pro Gen 4 Ptz.