What is the severity of CVE-2023-3749?

The severity of CVE-2023-3749 is high with a severity value of 5.5.

How does CVE-2023-3749 affect Johnsoncontrols Videoedge?

CVE-2023-3749 affects Johnsoncontrols Videoedge version up to 6.1.1.

How can I fix CVE-2023-3749?

To fix CVE-2023-3749, it is recommended to apply the necessary patches or updates provided by Johnsoncontrols.

Where can I find more information about CVE-2023-3749?

More information about CVE-2023-3749 can be found on the CISA and Johnsoncontrols websites.

Vulnerability/
CVE-2023-3749

high

7.1

CWE

345 349

3/8/2023

9/10/2024

CVE-2023-3749: VideoEdge config

Q: What can a local user do if they exploit CVE-2023-3749?

A local user can edit the VideoEdge configuration file and interfere with VideoEdge operation.

First published: Thu Aug 03 2023(Updated: )

A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.

Credit: productsecurity@jci.com productsecurity@jci.com

Affected Software	Affected Version	How to fix
Johnsoncontrols Videoedge	<6.1.1
Sensormatic Electronics, LLC, a subsidiary of Johnson Controls Inc. VideoEdge	<6.1.1	6.1.1

Remedy

Update VideoEdge to version 6.1.1. The update can be downloaded from www.americandynamics.net http://www.americandynamics.net under Support/Software Downloads/Network Video Recorders.

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-23-215-04

Frequently Asked Questions

What is the severity of CVE-2023-3749?
The severity of CVE-2023-3749 is high with a severity value of 5.5.
How does CVE-2023-3749 affect Johnsoncontrols Videoedge?
CVE-2023-3749 affects Johnsoncontrols Videoedge version up to 6.1.1.
What can a local user do if they exploit CVE-2023-3749?
A local user can edit the VideoEdge configuration file and interfere with VideoEdge operation.
How can I fix CVE-2023-3749?
To fix CVE-2023-3749, it is recommended to apply the necessary patches or updates provided by Johnsoncontrols.
Where can I find more information about CVE-2023-3749?
More information about CVE-2023-3749 can be found on the CISA and Johnsoncontrols websites.

collector/nvd-latest
collector/nvd-api
collector/nvd-index
agent/author
agent/references
agent/weakness
agent/type
agent/description
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/title
agent/severity
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/tags
agent/event
vendor/johnsoncontrols
canonical/johnsoncontrols videoedge
vendor/sensormatic electronics, llc, a subsidiary of johnson controls inc.
canonical/sensormatic electronics, llc, a subsidiary of johnson controls inc. videoedge

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.