virus logo Intrusion Prevention

Axis.Communications.Security.Camera.UNRET.dbus.Function.Access

description-logoDescription

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Axis Communications Security Cameras.
The vulnerability is due to an error in the application when handling a maliciously crafted HTTP request. A remote attacker may be able to exploit this to bypass authentication and obtain administrative access.

description-logoOutbreak Alert

FortiGuard Labs observed actively targeted video surveillance systems which may be without any available patches. Some of the attack attempts were peaked to as much as 50,000 IPS devices in the month of April 2023.

View the full Outbreak Alert Report

affected-products-logoAffected Products

Axis Communications Security Camera
See following link for the complete list
https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

Impact logoImpact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.
System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.axis.com/support/firmware

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-06-06 14.627 Severity:high:critical

References

45100
ID 46273
Created Jun 22, 2018
Updated May 02, 2022
Outbreak Alert Multiple Vendor Camera System Attack
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2018-10661 CVE-2018-10662
Exploit Prediction Score 10.54%
Default Action drop
Active
Affected OS All
Affected App Other