"Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices"

Information has been released on a security flaw in Dahua's implementation of the Open Network Video Interface Forum (ONVIF) standard that, if abused, might result in the takeover of IP cameras. According to a report released by Nozomi Networks, the CVE-2022-30563 vulnerability (CVSS score: 7.4) may be exploited by attackers to compromise network cameras by intercepting a previous unencrypted ONVIF interaction and replaying the credentials in a new request towards the camera. ONVIF governs the creation and implementation of an open standard for how IP-based physical security products such as video surveillance cameras and access control systems can communicate in a vendor-agnostic way. Nozomi Networks discovered the bug in the "WS-UsernameToken" authentication mechanism used in certain IP cameras manufactured by the Chinese firm Dahua. The successful exploitation of the flaw could allow an adversary to covertly add a malicious administrator account and exploit it to gain full access to an affected device, including viewing live camera feeds. To carry out this attack, a threat actor only needs to capture one unencrypted ONVIF request authenticated with the WS-UsernameToken schema, which is then used to send a forged request with the same authentication data to trick the device into creating the admin account. Following the discovery of similar flaws in Reolink, ThroughTek, Annke, and Axis devices, this disclosure highlights the potential risks posed by the Internet of Things (IoT) security camera systems, given their deployment in critical infrastructure facilities. This article continues to discuss the potential exploitation and impact of the Dahua IP camera vulnerability. 

THN reports "Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices"