virus logo Intrusion Prevention

Amcrest.Camera.NVR.Protocol.Field.Buffer.Overflow

description-logoDescription

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Amcrest Cameras and NVR.
The vulnerability is due to an improper boundary check condition in the application when handling a malformed "Protocol" field. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application or possibly cause a denial of service condition.

affected-products-logoAffected Products

Amcrest Firmware prior to version:
Amcrest_IPC-HX5X3X-Rhea_Eng_NP_Stream3_AMCREST_V2.622.00AC000.0.R.200320.bin
Amcrest_IPC-Consumer-Web-Mao-Molec_Eng_N_AMCREST_V2.800.0000000.6.R.200314.bin
Amcrest_IPC-HX2(1)XXX-Sag_Eng_N_AMCREST_V2.800.00AC000.0.R.200330.bin
Amcrest_IPC-AWXX_Eng_N_AMCREST_V2.420.AC00.18.R.20200217.bin
Amcrest_XVR5x04-X1_Eng_N_Amcrest_V4.000.00AC000.0.R.200218.bin
Amcrest_SD-Mao-Rhea_Eng_N_Stream3_AMCREST_V2.623.00AC004.0.R.200316.bin

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://amcrest.com/firmware

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2024-04-25 27.775 Default_action:pass:drop
2024-04-17 27.770
ID 55488
Created Apr 09, 2024
Updated Apr 17, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2020-5735
Known Exploited Yes
Exploit Prediction Score 2.27%
Default Action drop
Active
Affected OS Other
Affected App Other