Axis Communications, a provider of network video, has identified a critical security vulnerability in its products, with firmware versions between 5.20 to 6.20.X.
The company wants its users to take immediate action to upgrade the system to the new version.
Axis says its products that are exposed to the internet are facing the security risk. If the Axis products are exploited, the intruder has the potential to gain control of the affected product.
The US-based technology company said devices behind a protected network, network cameras connected to AXIS Video Hosting System and network cameras part of AXIS Companion solution are at low risk.
Axis recommends all users to upgrade to the latest firmware as soon as possible to eliminate this security risk. Users can download and install firmware using the AXIS Camera Management tool or download from the Axis support web page and then install via the product’s Web interface.
An independent researcher made Axis aware of the vulnerability, and plans to disclose it publicly on July 18.
Axis said all network devices are subject to potential threats, including network cameras. Axis has a detailed process to eliminate vulnerabilities before they can be exploited.
John Bartolac, senior manager, North America Cyber Strategy, said: “Though most installed cameras are safe behind a protected network and the probability of being affected is low, we still see this issue as critical and recommend that users upgrade the affected products’ firmware in a controlled manner, and follow Axis’ hardening guide to further reduce any potential vulnerabilities.”
