Products

    Pages

        Security Advisories

        Filter by Tags

        Vulnerability
        Updated Date
        Threat
        Identifier
        How is Crestron Affected
        Resources
        CVE-2020-0796: Microsoft SMBv3 Remote Code Execution
        03/16/20
        More information
        Threat:
        Crestron is aware of a remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
         
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2020-0796.
        How is Crestron Affected:
        Crestron recommends users to set firewall rules to block open port 445 as they would any other Windows PC product for the following products below.
         
        Products: UC-ENGINE, UC-ENGINE-SD, UC-ENGINE-SD-Z, CCS-UC-300, UC-M150-T, UC-M130-T, UC-M150-Z, UC-M130-Z, UC-M100-T, UC-B140-T, UC-B160-Z , UC-B160-T, UC-C160-T, UC-B140-Z, UC-C160-Z
         
        Crestron has reviewed the vulnerability report and has confirmed that it does not affect any other shipping Crestron products.
        CVE-2019-15126: KR00K Wi-Fi Vulnerability
        03/09/20
        More information
        Threat:
        Crestron is aware of a vulnerability that was discovered on certain Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.
         
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2019-15126.
        How is Crestron Affected:
        Crestron has reviewed the vulnerability report against all shipping products and has confirmed that the AM-200, AM-300, and TSR-310, are not affected.
        CVE-2020-0601: Microsoft Windows CryptoAPI Spoofing
        02/14/20
        More information
        Threat:
        Crestron is aware of a spoofing vulnerability exists in the way Microsoft Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2020-0601
        How is Crestron Affected:
        Updates to Crestron Fusion Cloud VM services are currently being rolled out and will be completed by February 15th, 2020.
         
        Crestron is working with Microsoft to deploy a timely update for our products affected below. Crestron will provide an update as soon as its available.
         
        Products: UC-ENGINE, UC-ENGINE-SD, UC-ENGINE-SD-Z, CCS-UC-300, UC-M150-T, UC-M130-T, UC-M150-Z, UC-M130-Z, UC-M100-T, UC-B140-T, UC-B160-Z , UC-B160-T, UC-C160-T, UC-B140-Z, UC-C160-Z
         
        Crestron RL2 devices should be upgraded from Windows 7 to Windows 10, please see link below.
         
        Crestron has reviewed the vulnerability report and has confirmed that it does not affect any other shipping Crestron products.
        Resources:
        For more information see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0601
        For Microsoft advisory see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601
        To upgrade an RL2 device must be upgraded to Flex to migrate from Windows 7 to Windows 10, see a Crestron Sales Representative for more details.

        Microsoft Updates by version:
        For Microsoft Version 1803 update: https://support.microsoft.com/en-us/help/4534293/windows-10-update-kb4534293
        For Microsoft Version 1903 update: https://support.microsoft.com/en-us/help/4528760/windows-10-update-kb4528760
        CVE-2019-18184: Crestron DMC-STRO 1.0
        02/04/20
        More information
        Threat:
        Crestron is aware of a vulnerability exists in the CTP console of the DMC-STRO device, that allows through bash command substitution to execute commands on the system, on behalf of the root user.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2019-18184.
        How is Crestron Affected:
        This vulnerability has been resolved in the current firmware upgrade. Crestron recommends upgrading devices with current firmware available on the product page.
         
        Minimum firmware version to address this vulnerability: version 3.2.14
         
        Crestron has reviewed the vulnerability report and has confirmed that it does not affect any other shipping Crestron products.
         
        Resources:
        To upgrade firmware: DigitalMedia 3.02.14
         
        Product Release Notes: v.3.2.14 Release Notes
         
        For more information see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18184

         
        Super Micro BMC Vulnerabilities Discovered
        09/18/19
        More information
        Threat:
        A vulnerability was disclosed affecting Super Micro’s BMC. Researchers have identified vulnerabilities in the Virtual Media function of Supermicro BMCs. BMC/IPMI Virtual Media is a feature of the Virtual Console that enables users to attach a CD/DVD image to the server as a virtual CD/DVD drive. These vulnerabilities include plaintext authentication, weak encryption, and authentication bypass within the Virtual Media capabilities. Identified by researchers in the lab, the vulnerabilities have not been reported in a customer environment.
         
        Identifier:
        N/A
        How is Crestron Affected:
        This BMC is used in the DM-NVX Director products - DM-XIO-DIR-80, DM-XIO-DIR-160 and DM-XIO-DIR-ENT. By default, the BMC is only available from the management port. 

        Best practices are that the management port is only used for local connection and not connected to a wider LAN. In this configuration, there is little to no risk with regards to the report vulnerabilities.

        Customers can update as per the below procedure to further eliminate the concerns.
         
        DM NVX 2.0 and Earlier Supports SNMP v1/2
        08/14/19
        More information
        Threat:
        Unauthorized users can read all SNMP information because the access password is not secure in SNMPv1 or SNMPv2.
        SNMPv1 and SNMPv2 have been designated as obsolete.

        Versions of DM NVX prior to the released 2.1 supported these earlier versions.

         
        Identifier:
        N/A
        How is Crestron Affected:
        Versions of DM NVX 2.0 and earlier supported these now obsolete versions of SNMP. While used in the industry for years, a number of security vendors now flag it with increasing severity. As a result, it has been removed from the 2.1 feature set. SNMP v3 will be a part of the DM NVX 2.2 release.

        There is no reliable method to disable SNMP on the DM NVX device itself.

        The easiest method to eliminate the potential risk is to update to DM NVX 2.1 or higher. 

        If you decide not to update: 
        • All exposed parameters on the DM NVX are Read Only, so an attacker is limited
        • The risk can be eliminated by blocking UDP traffic on ports 161 and 162
        Resources:
        CVE-2019-13450: ZOOM CLIENT
        07/16/19
        More information
        Threat:
        Crestron is aware of a vulnerability within the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on MacOS. Remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424.

        NOTE: a machine remains vulnerable if the Zoom Client was installed in the past and then uninstalled. Blocking exploitation requires additional steps, such as the ZDisableVideo preference and/or killing the web server, deleting the ~/.zoomus directory, and creating a ~/.zoomus plain file.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2019-13450
        How is Crestron Affected:
        Crestron and Zoom have reviewed the vulnerability report and has confirmed that it does not affect any Crestron products.
        CVE-2019-9006: CP3N/PRO3/AV3
        06/07/19
        More information
        Threat:
        Crestron is aware of a vulnerability with the CP3N, Pro3, and AV3 devices which allows attackers to change firewalls rules, scan the internal network, download and run scripts through the remote root shell on the router via telnet access.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2019-9006
        How is Crestron Affected:
        This vulnerability has been resolved in the current firmware upgrade. Crestron recommends upgrading devices with current firmware available on the product page.

        Minimum firmware versions to address this vulnerability: v.1.600.0092
        Authentication Bypass in AM-100/AM-101
        05/10/19
        More information
        Threat:
        Crestron is aware of a vulnerability in the AM-100 and AM-101 units that can allow a user to bypass authentication. All users are urged to update firmware to the versions noted.

        The latest AM-100/101 firmware release includes CVE-2019-3910 fix. See link below under Resources.

        Please note the following vulnerabilities only affect the Airmedia AM-100 and AM-101 devices. All other second generation AirMedia devices are not affected.
        Identifier:
        N/A
        How is Crestron Affected:

        CVE-2019-3910: Authentication Bypass - This vulnerability has been resolved in the current firmware and can be downloaded on the product page. Minimum firmware version to address this vulnerability: 2.7.0 (AM-101) and 1.6.0 (AM-100). Affected Devices:

        • AM-101
        • AM-100
        CVE-2018-10933: libssh Server Allows Unauthorized Access
        10/24/18
        More information
        Threat:
        Crestron is aware of a vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-10933.
        How is Crestron Affected:
        While Crestron does use libssh in some products, it is not used for authentication in any circumstance. Therefore, no Crestron products are affected by this vulnerability.
        Resources:
        |<  <   1 2 3 4 5 6    >  >| Pages: 3 of 6

        Subscribe to get notifications on the latest security updates