CVE-2023-0954

Summary

A debug feature in Sensormatic Electronics Illustra Pro Gen 4 Dome and PTZ cameras allows a user to compromise credentials after a long period of sustained attack.

Affected Software

VendorProductVersion RangeStatus
Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.Illustra Pro Gen 4 Dome0 <= Illustra.SS016.05.09.04.0006affected
Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.Illustra Pro Gen 4 PTZ0 <= Illustra.SS010.05.09.04.0022affected

Weaknesses

  • CWE-489: CWE-489 Active Debug Code

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References