Sign In
Advisories

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 Hard-Coded SSH Credentials Vulnerability

Go Back
severity
critical
date
Affecting

  • FLIR Thermal Camera F/FC/PT/D 8.0.0.64

CWE
  • CWE-798 Use of Hard-coded Credentials
CVSS
9.3
CVSS V4 Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Credit
LiquidWorm as Gjoko Krstic of Zero Science Lab
Description
FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains hard-coded SSH credentials that cannot be changed through normal camera operations. Attackers can leverage these persistent, unmodifiable credentials to gain unauthorized remote access to the thermal camera system.