← Back to home
ICSA-18-284-01  ·  Published 2018-10-11  ·  View on CISA ICS-CERT ↗

NUUO NVRmini2 and NVRsolo

CVSS 10.0 CRITICAL

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to achieve remote code execution and user account modification.

CVEs (2)

Remediations

  • NUUO has developed a fix for the reported vulnerabilities and recommends users update to firmware v3.9.1. The update can be downloaded at the following location:

Affected Vendors

NUUO

Affected Products (1)

NUUO · NVRmini2 NVRsolo <= 3.8.0

Affected Sectors

Commercial Facilities, Financial Services, Government Facilities, Healthcare and Public Health, Transportation Systems

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more