ICSA-23-159-02 · Published 2023-06-08 · View on CISA ICS-CERT ↗

Sensormatic Electronics Illustra Pro Gen 4

CVSS 8.3 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to compromise device credentials over a long period of sustained attack.

CVE-2023-0954

Sensormatic Electronics has provided the following mitigations:
Update Illustra Pro Gen 4 Dome to version 6.00.00.
Update Illustra Pro Gen 4 PTZ to version 6.00.00.
The camera can be upgraded via the web GUI using firmware Illustra provides, which can be found on www.illustracameras.com. The firmware can also be upgraded using the Illustra Connect tool (Windows based) or Illustra Tools (mobile app) or victor/VideoEdge, which also provides bulk firmware upgrade capability. Refer to the respective application documents for further information.
For additional information, refer to Johnson Controls Product Security Advisory JCI-PSA-2023-02 v1.

Sensormatic Electronics, a subsidiary of Johnson Controls, Inc.

Sensormatic Electronics, a subsidiary of Johnson Controls, Inc. · Pro Gen 4 Dome <= Illustra.SS016.05.09.04.0006

Sensormatic Electronics, a subsidiary of Johnson Controls, Inc. · Pro Gen 4 PTZ <= Illustra.SS010.05.09.04.0022

Critical Manufacturing

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.