CVE-2022-4621: Panasonic Sanyo CCTV Network Camera
First published: Tue Jan 17 2023(Updated: )
Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are vulnerable to CSRFs that can be exploited to allow an attacker to perform changes with administrator level privileges.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Panasonic Vcc-hd5600p Firmware | =2.03-06 | |
| Panasonic Vcc-hd5600p | ||
| Panasonic Vcc-hd3300p Firmware | =1.02-05 | |
| Panasonic Vcc-hd3300p Firmware | =2.03-08 | |
| Panasonic Vcc-hd3300p | ||
| Panasonic Vcc-hd3300 Firmware | =2.03-02 | |
| Panasonic Vcc-hd3300 | ||
| Panasonic Vcc-hd2100p Firmware | =2.03-02 | |
| Panasonic Vcc-hd2100p | ||
| Panasonic Vcc-hd3100p Firmware | =2.03-00 | |
| Panasonic Vcc-hd3100p | ||
| Panasonic VCC-HD5600P version 2.03-06 | ||
| Panasonic VDC-HD3300P version 2.03-08 | ||
| Panasonic VDC-HD3300P version 1.02-05 | ||
| Panasonic VCC-HD3300 version 2.03-02 | ||
| Panasonic VDC-HD3100P version 2.03-00 | ||
| Panasonic VCC-HD2100P version 2.03-02 |
Remedy
Panasonic has stated that Sanyo Electric Camera Systems are no longer in production and released this advisory https://archives.connect.panasonic.com/security/sanyo/index.html . All repair requests and other support requests via email or phone will be available.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability identifier for this cybersecurity vulnerability?
The vulnerability identifier for this vulnerability is CVE-2022-4621.
Which software versions are affected by this vulnerability?
Panasonic Sanyo CCTV Network Cameras versions 1.02-05 and 2.03-0x are affected by this vulnerability.
What is the severity of CVE-2022-4621?
The severity of CVE-2022-4621 is high with a severity score of 8.8.
How can an attacker exploit this vulnerability?
An attacker can exploit this vulnerability to perform changes with administrator level privileges.
Are there any references available regarding this vulnerability?
Yes, you can find references for this vulnerability at the following URLs: - [Panasonic Sanyo Security Advisories](https://archives.connect.panasonic.com/security/sanyo/index.html) - [US-CERT ICS Advisory](https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-04)
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/remedy
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/description
- agent/first-publish-date
- agent/severity
- agent/references
- agent/tags
- agent/softwarecombine
- agent/event
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- vendor/panasonic
- canonical/panasonic vcc-hd5600p firmware
- version/panasonic vcc-hd5600p firmware/2.03-06
- canonical/panasonic vcc-hd5600p
- canonical/panasonic vcc-hd3300p firmware
- version/panasonic vcc-hd3300p firmware/1.02-05
- version/panasonic vcc-hd3300p firmware/2.03-08
- canonical/panasonic vcc-hd3300p
- canonical/panasonic vcc-hd3300 firmware
- version/panasonic vcc-hd3300 firmware/2.03-02
- canonical/panasonic vcc-hd3300
- canonical/panasonic vcc-hd2100p firmware
- version/panasonic vcc-hd2100p firmware/2.03-02
- canonical/panasonic vcc-hd2100p
- canonical/panasonic vcc-hd3100p firmware
- version/panasonic vcc-hd3100p firmware/2.03-00
- canonical/panasonic vcc-hd3100p
- canonical/panasonic vcc-hd5600p version 2.03-06
- canonical/panasonic vdc-hd3300p version 2.03-08
- canonical/panasonic vdc-hd3300p version 1.02-05
- canonical/panasonic vcc-hd3300 version 2.03-02
- canonical/panasonic vdc-hd3100p version 2.03-00
- canonical/panasonic vcc-hd2100p version 2.03-02