CVE-2023-4249
published 2023-11-08CVE-2023-4249: Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, and CD321 IP Cameras with firmware version M2.1.6.05 has a command…
PriorityP271critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
10.39%
95.2th percentile
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2.1.6.05 has a
command injection vulnerability in their implementation of their
binaries and handling of network requests.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zavio | b8220_firmware | — | — |
| zavio | b8520_firmware | — | — |
| zavio | cb3211_firmware | — | — |
| zavio | cb3212_firmware | — | — |
| zavio | cb5220_firmware | — | — |
| zavio | cb6231_firmware | — | — |
| zavio | cd321_firmware | — | — |
| zavio | cf7201_firmware | — | — |
| zavio | cf7300_firmware | — | — |
| zavio | cf7500_firmware | — | — |
| zavio | cf7501_firmware | — | — |
| zavio | ip_camera_b8220 | — | — |
| zavio | ip_camera_b8520 | — | — |
| zavio | ip_camera_cb3211 | — | — |
| zavio | ip_camera_cb3212 | — | — |
| zavio | ip_camera_cb5220 | — | — |
| zavio | ip_camera_cb6231 | — | — |
| zavio | ip_camera_cd321 | — | — |
| zavio | ip_camera_cf7201 | — | — |
| zavio | ip_camera_cf7300 | — | — |
| zavio | ip_camera_cf7500 | — | — |
| zavio | ip_camera_cf7501 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target devices are Zavio IP Cameras (CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220, CD321) running firmware version M2.1.6.05 — detect exploitation attempts against these devices on the network ↗
- →The OS command injection (CVE-2023-4249) is triggered via incoming network requests — monitor for anomalous or malformed network requests to Zavio IP camera HTTP/management interfaces, particularly those carrying OS command metacharacters ↗
- →Related stack-based buffer overflow vulnerabilities (CVE-2023-3959, CVE-2023-45225, CVE-2023-43755, CVE-2023-39435) on the same firmware are triggered via XML elements in incoming network requests — inspect network traffic for oversized or malformed XML payloads destined for Zavio camera interfaces ↗
- →CVE-2023-4249 requires low-privilege authentication (PR:L) — alert on any authenticated session to a Zavio IP camera (firmware M2.1.6.05) that subsequently triggers unexpected process spawning or shell execution ↗
- ·Affected products are end-of-life with no firmware fix available; vendor (Zavio) is no longer in business — no patch-based remediation exists ↗
- ·No known public exploitation of CVE-2023-4249 had been reported to CISA at time of advisory publication (October 31, 2023) ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Zavio IP Camera
cisa_ics·2023-10-31·CVSS 9.8
[CRITICAL] Zavio IP Camera
ICS Advisory
##
Zavio IP Camera
Release DateOctober 31, 2023
Alert CodeICSA-23-304-03
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Zavio
- Equipment: IP Camera
- Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer, OS Command Injection
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow remote code execution.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Zavio IP Cameras are affected:
- CF7500: version M2.1.6.05
- CF7300: version M2.1.6.05
- CF7201: version M2.1.6.05
- CF7501: version M2.1.6.05
- CB3211: version M2.1.6.05
- CB3212: version M2.1.6.05
- CB5220: version M2.1.6.05
- CB623
GHSA
GHSA-hf79-fwx9-q3gm: Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2
ghsa_unreviewed·2023-11-09
CVE-2023-4249 [HIGH] CWE-121 GHSA-hf79-fwx9-q3gm: Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2
Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,
CB6231, B8520, B8220, and CD321
IP Cameras
with firmware version M2.1.6.05 has a
command injection vulnerability in their implementation of their
binaries and handling of network requests.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-11-08
Published