CVE-2021-27232 - OpenCVE

The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Pelco	Digital Sentry Server

Configuration 1 [-]

cpe:2.3:a:pelco:digital_sentry_server:7.18.72.11464:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt	Exploit Third Party Advisory
https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-02-16T14:28:40

Updated: 2021-02-16T14:28:40

Reserved: 2021-02-16T00:00:00

Link: CVE-2021-27232

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-02-16T15:15:13.647

Modified: 2021-02-22T21:24:06.530

Link: CVE-2021-27232

JSON object: View

Redhat Information

No data.

CWE

CWE-787

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-16T14:28:40", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-27232", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history", "refsource": "MISC", "url": "https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history"}, {"name": "https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt", "refsource": "MISC", "url": "https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-27232", "datePublished": "2021-02-16T14:28:40", "dateReserved": "2021-02-16T00:00:00", "dateUpdated": "2021-02-16T14:28:40", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pelco:digital_sentry_server:7.18.72.11464:*:*:*:*:*:*:*", "matchCriteriaId": "84039097-D4AD-40FC-B43A-17CEC8286EE2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The RTSPLive555.dll ActiveX control in Pelco Digital Sentry Server 7.18.72.11464 has a SetCameraConnectionParameter stack-based buffer overflow. This can be exploited by a remote attacker to potentially execute arbitrary attacker-supplied code. The victim would have to visit a malicious webpage using Internet Explorer where the exploit could be triggered."}, {"lang": "es", "value": "El control ActiveX RTSPLive555.dll en Pelco Digital Sentry Server versi\u00f3n 7.18.72.11464, presenta un desbordamiento del b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n SetCameraConnectionParameter. Esto puede ser explotado por un atacante remoto para ejecutar potencialmente c\u00f3digo arbitrario suministrado por el atacante. La v\u00edctima tendr\u00eda que visitar una p\u00e1gina web maliciosa usando Internet Explorer donde se podr\u00eda desencadenar el exploit"}], "id": "CVE-2021-27232", "lastModified": "2021-02-22T21:24:06.530", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-16T15:15:13.647", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server-RSTPLive555%20Activex%20Buffer%20overflow.txt"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-history"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}