Details of VAR-201907-1080

ID

VAR-201907-1080

CVE

CVE-2017-8228

TITLE

Amcrest IPM-721S Vulnerabilities related to authorization, authority, and access control in devices

Trust: 0.8

sources: JVNDB: JVNDB-2017-014566

DESCRIPTION

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices mishandle reboots within the past two hours. Amcrest cloud services does not perform a thorough verification when allowing the user to add a new camera to the user's account to ensure that the user actually owns the camera other than knowing the serial number of the camera. This can allow an attacker who knows the serial number to easily add another user's camera to an attacker's cloud account and control it completely. This is possible in case of any camera that is currently not a part of an Amcrest cloud account or has been removed from the user's cloud account. Also, another requirement for a successful attack is that the user should have rebooted the camera in the last two hours. However, both of these conditions are very likely for new cameras that are sold over the Internet at many ecommerce websites or vendors that sell the Amcrest products. The successful attack results in an attacker being able to completely control the camera which includes being able to view and listen on what the camera can see, being able to change the motion detection settings and also be able to turn the camera off without the user being aware of it. Note: The same attack can be executed using the Amcrest Cloud mobile application. Amcrest IPM-721S Devices have vulnerabilities related to authorization, permissions, and access control.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Amcrest IPM-721S is a wireless IP camera from Amcrest. An unknown security vulnerability exists in the AmcrestIPM-721SV2.420.AC00.16.R.20160909 release

Trust: 2.34

sources: NVD: CVE-2017-8228 // JVNDB: JVNDB-2017-014566 // CNVD: CNVD-2019-24195 // VULHUB: VHN-116431 // VULMON: CVE-2017-8228

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-24195

AFFECTED PRODUCTS

vendor:	amcrest	model:	ipm-721s	scope:	lte	version:	2.420.ac00.16.r.20160909	Trust: 1.0
vendor:	amcrest	model:	ipm-721s	scope:	eq	version:	2.420.ac00.16.r.20160909	Trust: 0.8
vendor:	amcrest	model:	ipm-721s v2.420.ac00.16.r.20160909	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2019-24195 // JVNDB: JVNDB-2017-014566 // NVD: CVE-2017-8228

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-8228
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-8228
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-24195
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201907-199
value:	HIGH
Trust: 0.6
VULHUB:	VHN-116431
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2017-8228
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-8228
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-24195
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-116431
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-8228
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-24195 // VULHUB: VHN-116431 // VULMON: CVE-2017-8228 // JVNDB: JVNDB-2017-014566 // CNNVD: CNNVD-201907-199 // NVD: CVE-2017-8228

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-116431 // JVNDB: JVNDB-2017-014566 // NVD: CVE-2017-8228

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201907-199

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201907-199

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-014566

PATCH

title:	Top Page	url:	https://amcrest.com/	Trust: 0.8
title:	AmcrestIPM-721S has an unspecified vulnerability (CNVD-2019-24195) patch	url:	https://www.cnvd.org.cn/patchInfo/show/170545	Trust: 0.6
title:	Amcrest IPM-721S Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=94393	Trust: 0.6
title:	IoT_vulnerabilities	url:	https://github.com/ethanhunnt/IoT_vulnerabilities	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/amcrest-critical-security-issues/145507/	Trust: 0.1

sources: CNVD: CNVD-2019-24195 // VULMON: CVE-2017-8228 // JVNDB: JVNDB-2017-014566 // CNNVD: CNNVD-201907-199

EXTERNAL IDS

db:	NVD	id:	CVE-2017-8228	Trust: 3.3
db:	PACKETSTORM	id:	153224	Trust: 1.9
db:	JVNDB	id:	JVNDB-2017-014566	Trust: 0.8
db:	CNNVD	id:	CNNVD-201907-199	Trust: 0.7
db:	CNVD	id:	CNVD-2019-24195	Trust: 0.6
db:	VULHUB	id:	VHN-116431	Trust: 0.1
db:	VULMON	id:	CVE-2017-8228	Trust: 0.1

sources: CNVD: CNVD-2019-24195 // VULHUB: VHN-116431 // VULMON: CVE-2017-8228 // JVNDB: JVNDB-2017-014566 // PACKETSTORM: 153224 // CNNVD: CNNVD-201907-199 // NVD: CVE-2017-8228

REFERENCES

url:	https://github.com/ethanhunnt/iot_vulnerabilities/blob/master/amcrest_sec_issues.pdf	Trust: 2.6
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8228	Trust: 2.1
url:	https://seclists.org/bugtraq/2019/jun/8	Trust: 1.8
url:	http://packetstormsecurity.com/files/153224/amcrest-ipm-721s-credential-disclosure-privilege-escalation.html	Trust: 1.8
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8228	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://threatpost.com/amcrest-critical-security-issues/145507/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8229	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8227	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8226	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-13719	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2017-8230	Trust: 0.1

CREDITS

Mandar Satam

Trust: 0.1

sources: PACKETSTORM: 153224

SOURCES

db:	CNVD	id:	CNVD-2019-24195
db:	VULHUB	id:	VHN-116431
db:	VULMON	id:	CVE-2017-8228
db:	JVNDB	id:	JVNDB-2017-014566
db:	PACKETSTORM	id:	153224
db:	CNNVD	id:	CNNVD-201907-199
db:	NVD	id:	CVE-2017-8228

LAST UPDATE DATE

2024-11-23T21:59:49.431000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-24195	date:	2019-07-24T00:00:00
db:	VULHUB	id:	VHN-116431	date:	2019-07-11T00:00:00
db:	VULMON	id:	CVE-2017-8228	date:	2019-07-11T00:00:00
db:	JVNDB	id:	JVNDB-2017-014566	date:	2019-07-12T00:00:00
db:	CNNVD	id:	CNNVD-201907-199	date:	2019-07-12T00:00:00
db:	NVD	id:	CVE-2017-8228	date:	2024-11-21T03:33:35.130

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-24195	date:	2019-07-22T00:00:00
db:	VULHUB	id:	VHN-116431	date:	2019-07-03T00:00:00
db:	VULMON	id:	CVE-2017-8228	date:	2019-07-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-014566	date:	2019-07-12T00:00:00
db:	PACKETSTORM	id:	153224	date:	2019-06-07T15:06:02
db:	CNNVD	id:	CNNVD-201907-199	date:	2019-07-03T00:00:00
db:	NVD	id:	CVE-2017-8228	date:	2019-07-03T20:15:10.573