Ubia Ubox Insufficiently Protected API Credentials Vulnerability

A vulnerability exists in the Ubia camera ecosystem, specifically in the Ubox product version 1.1.124, due to inadequate protection of API credentials. This flaw could allow an attacker to connect to backend services and gain unauthorized access to cameras, potentially enabling the viewing of live feeds or modification of camera settings.

Impact

Exploitation of this vulnerability could lead to unauthorized access to camera feeds or settings, allowing for real-time surveillance or manipulation of camera functions.

Remediation

Ubia has not responded to CISA's attempts to coordinate. Users are encouraged to contact Ubia support for more information. CISA recommends minimizing network exposure for control system devices, using firewalls to isolate these devices from business networks, and employing secure remote access methods such as VPNs. Organizations should also follow CISA's recommended practices for ICS cybersecurity and report any suspected malicious activity to CISA.