Products

    Pages

        Security Advisories

        Filter by Tags

        Vulnerability
        Updated Date
        Threat
        Identifier
        How is Crestron Affected
        Resources
        CVE-2018-11228: OS COMMAND INJECTION
        08/09/18
        More information
        Threat:
        Crestron is aware of a vulnerability which allows for unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP).
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-11228.
        How is Crestron Affected:

        Minimum firmware version to address this vulnerability: v2.001.0037.001. Affected Devices:

        • TSW-1060
        • TSW-760
        • TSW-560
        • TSW-1060-NC
        • TSW-760-NC
        • TSW-560-NC
        CVE-2018-11228: UNAUTHENTICATED REMOTE CODE EXECUTION VIA BASH SHELL SERVICE IN CTP
        08/09/18
        More information
        Threat:
        Crestron is aware of a vulnerability with specific touch panels which allows for unauthenticated remote code execution via bash. If authentication is enabled, the probability of exploit is lower as authentication is required.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-11228.
        How is Crestron Affected:

        This vulnerability has been resolved in the current firmware and can be downloaded on the product page.

        Minimum firmware versions to address this vulnerability:

        • TSW-X60 Series use FW 2.0001.0037.001 or late
        • TSW-X52 Series use FW 1.004.0007 or later

        Affected Devices:

        • TSW-1060
        • TSW-760
        • TSW-560
        • TSW-1060-NC
        • TSW-760-NC
        • TSW-560-NC
        • TSW-552
        • TSW-752
        • TSW-1052
        • TSR-302
        • TST-602
        • TST-902
        • TSW-732
        • TSS-752
        • DMC-STR

        Additional products are being tested.

        Resources:
        CVE-2018-11229: OS COMMAND INJECTION
        08/09/18
        More information
        Threat:
        Crestron is aware of a vulnerability which allows for unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP).
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-11229.
        How is Crestron Affected:

        Minimum firmware version to address this vulnerability: v2.001.0037.001. Affected Devices:

        • TSW-1060
        • TSW-760
        • TSW-560
        • TSW-1060-NC
        • TSW-760-NC
        • TSW-560-NC
        CVE-2018-11229: UNAUTHENTICATED REMOTE CODE EXECUTION VIA COMMAND INJECTION IN CTP
        08/09/18
        More information
        Threat:
        Crestron is aware of a vulnerability with specific touch panels which allows for unauthenticated remote code execution via command injection. If authentication is enabled, the probability of exploit is lower as authentication is required.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-11229.
        How is Crestron Affected:

        This vulnerability has been resolved in the current firmware and can be downloaded on the product page.

        Minimum firmware versions to address this vulnerability:

        • TSW-X60 Series use FW 2.0001.0037.001 or later
        • TSW-X52 Series use FW 1.004.0007 or later

        Affected Devices:

        • TSW-1060
        • TSW-760
        • TSW-560
        • TSW-1060-NC
        • TSW-760-NC
        • TSW-560-NC
        • TSW-552
        • TSW-752
        • TSW-1052
        • TSR-302
        • TST-602
        • TST-902
        • TSW-732
        • TSS-752
        • DMC-STR

        Additional products are being tested.

        Resources:
        CVE-2018-13341: ELEVATION OF PRIVILEGE IN CRESTRON TERMINAL PROTOCOL
        08/09/18
        More information
        Threat:
        Crestron TSW-XX60 touch panel devices were affected by a privilege-escalation vulnerability that could be exploited through access to administrative credentials in the device firmware. SUDO is a debug specific command that can only be issued by an authenticated ADMIN user/account. However, to eliminate any possible confusion, the supwdgenerator executable has been completely removed from the device and the original generation algorithm has been modified.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-13341
        How is Crestron Affected:

        Minimum firmware version to address this vulnerability: v2.001.0037.001. Affected Devices:

        • TSW-1060
        • TSW-760
        • TSW-560
        • TSW-1060-NC
        • TSW-760-NC
        • TSW-560-NC
        KRACK
        08/09/18
        More information
        Threat:

        It has been reported that there several vulnerabilities in the WiFi Protected Access II Protocol (WPA2).

        The vulnerabilities make it possible for attackers to eavesdrop on WiFi traffic.

        Please see the following CVE reports for additional information: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, and CVE-2017-13088.

        Identifier:
        N/A
        How is Crestron Affected:

        This vulnerability is a protocol level vulnerability and as such affects nearly all correct implementations of the firmware.

        The following devices are affected:

        • CEN-WAP-1500
        • CEN-WAP-ABG-1G
        • CEN-WAP-ABG-CM
        • TSR-302 - Resolved in Version 1.004.0007
        • TST-602 - Resolved in Version 1.004.0007
        • TST-902 - Resolved in Version 1.004.0007

        Other Crestron WiFi products do not support WPA2 and as such are not affected.

        If any of the CEN-WAP products are used with non-Crestron products, all unencrypted information should be considered at risk. Use HTTPS and other secure protocols until a fix is available.

        Most traffic between the TSR-302, TST-602, TST-902 and the control system is over Crestron Extended Range 2.4 GHz RF (ER) and is thus unaffected. However, WiFi communications are used for some additional functions (such as video playback, intercom, etc.) and could be vulnerable. Crestron is actively working towards a fix.

        If you are using a non-Crestron WAP you should also check with the vendor for updates.

        A notable risk is that the following UI Applications use direct connections and could be intercepted and potentially spoofed:

        • Media Player Object
        • All Pyng Objects
        • TV Presets Object

        Two possible mitigations exist:

        1. Remove the UI Applications from devices.
        2. Disable WiFi on the Remotes. This will allow the UI Applications to still run but will disable other features (such as streaming video, intercom, graphics). Note that performance of the applications will also be affected.

        It is recommended that all installations follow the Secure Deployment Guide found in Online Help ID 5571. This will enable additional encryption on the device. This will not remove the risk noted regarding the UI Applications by itself.

        Resources:
        CVE-2017-16709: REMOTE CODE EXECUTION VULNERABILITY
        06/19/18
        More information
        Threat:
        Crestron is aware of a vulnerability in the AM-100 and AM-101 units that allows for remote code execution. Authentication as an administrator is required for an attacker to use this exploit.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2017-16709.
        How is Crestron Affected:

        This vulnerability has been resolved in the current firmware and can be downloaded on the product page.

        Minimum firmware version to address this vulnerability: 2.7.0 (AM-101) and 1.6.0 (AM-100)Affected Devices:

        • AM-101
        • AM-100
        Resources:
        CVE-2017-16710: CROSS-SITE SCRIPTING VULNERABILITY
        06/19/18
        More information
        Threat:
        Crestron is aware of a vulnerability in the AM-100 and AM-101 units that allows for cross-site scripting. Authentication as an administrator is required for an attacker to use this exploit.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2017-16710.
        How is Crestron Affected:

        This vulnerability has been resolved in the current firmware and can be downloaded on the product page.

        Minimum firmware version to address this vulnerability: 2.7.0 (AM-101) and 1.6.0 (AM-100). Affected Devices:

        • AM-101
        • AM-100
        Resources:
        CVE­-2018-­5553: CRESTRON DGE-­100 CONSOLE COMMAND INJECTION
        06/04/18
        More information
        Threat:
        Crestron is aware of a vulnerability with the DGE-100, DM-DGE-200-C, and TS-1542-C devices which allows for console command injection. If authentication is enabled, the probability of exploit is lower as authentication is required.
        Identifier:
        This vulnerability has been assigned CVE identifier CVE-2018-5553.
        How is Crestron Affected:

        This vulnerability has been resolved in the current firmware and can be downloaded on the product page.

        Minimum firmware version to address this vulnerability: 1.3384.00059.001

        Affected Devices:

        • DGE-100
        • TS-1542-C
        • DM-DGE-200-C
        Resources:
        DM-NVX PASSWORD VULNERABILITY
        04/23/18
        More information
        Threat:
        Crestron is aware of a DM-NVX password vulnerability, which affects custom passwords created with firmware version 1.3547.00018 or earlier. This issue has been resolved with firmware version 1.3626.00053. After upgrading, it is recommended to resubmit or change the password of the DM-NVX if using a password other than the default.
        Identifier:
        N/A
        How is Crestron Affected:

        Crestron's DM-NVX had a password vulnerability in firmware version 1.3547.00018 and earlier. Due to this vulnerability passwords were authenticated with only eight (8) characters. Therefore, characters after the first eight (8) were discarded and ignored. After upgrading it is recommended to resubmit or change the password for user accounts.

        If attempting to downgrade from 1.3626.00053 to an earlier version of firmware, the DM-NVX will be automatically restored due to this vulnerability.

        Resources:
        |<  <   1 2 3 4 5    >  >| Pages: 3 of 5

        Subscribe to get notifications on the latest security updates