First published: Tue Aug 06 2019(Updated: )
A cleartext password storage issue was discovered on MicroDigital N-series cameras with firmware through 6400.0.8.5. The file in question is /usr/local/ipsca/mipsca.db. If a camera is compromised, the attacker can gain access to passwords and abuse them to compromise further systems.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microdigital Mdc-n4090 Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n4090 | ||
Microdigital Mdc-n4090w Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n4090w | ||
Microdigital Mdc-n2190v Firmware | <=6400.0.8.5 | |
Microdigital Mdc-n2190v |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-14709.
The severity of CVE-2019-14709 is critical with a CVSS score of 9.8.
The affected software for CVE-2019-14709 is MicroDigital N-series cameras with firmware through 6400.0.8.5.
If a camera is compromised, the attacker can gain access to passwords stored in the /usr/local/ipsca/mipsca.db file and abuse them to compromise further systems.
MicroDigital MDC-N4090 and MDC-N4090W are not vulnerable to CVE-2019-14709.