News : NUUO Firmware Vulnerabilities Disclosed by Digital Defense, Inc. Researchers
Digital Defense, Inc., a security technology and services provider, announced that its Vulnerability Research Team (VRT) discovered a previously undisclosed vulnerability in NUUO NVRmini2 Network Video Recorder firmware. NVRmini2 firmware version 3.9.1 and prior is vulnerable to an unauthenticated remote buffer overflow that could potentially be leveraged by an attacker to execute arbitrary code on the system with root privileges. This could allow the attacker to access and/or modify the camera feeds to the NVR and change the configuration or recordings on the NVR.
Information regarding the security fixes can be obtained through NUUO.
Details of the individual vulnerabilities can be found on the Digital Defense blog.
Sponsor message - content continues below this message
Employee Engagement Awards NOW OPEN!
Enter your center,and compete for this prestigious award to attract new staff and show investors and customers you are #1 in your nation!!
Content continues ….
Tom DeSot, EVP/Chief Information Officer at Digital Defense, said, "NUUO has worked closely with our VRT to ensure a fix is available to organizations utilizing the affected firmware. NUUO’s rapid response to the identification of the issue and collaboration has resulted in a quick resolution."
Digital Defense Research Methodology and Practices
The Digital Defense VRT regularly works with organizations in the responsible disclosure of zero-day vulnerabilities. The expertise of the VRT when coupled with the company’s next generation hybrid cloud platform, Frontline Vulnerability Manager, enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and then assists, wherever possible, with the vendor’s remediation actions.
Today's Tip of the Day - CRM - Start With The Customer
More Editorial From Digital Defense, Inc.
About MRB PR:
MRB PR is a public relations company.
Published: Tuesday, December 4, 2018
Semafone provides secure voice transactions for contact centres and retailers taking Cardholder Not Present (CNP) payments. The solution allows a call - and the call recording - to continue as normal ...
Concentrix, a wholly-owned subsidiary of SYNNEX Corporation (NYSE: SNX), is a technology-enabled global business services company specializing in customer engagement and improving business performance...
Genesys® powers 25 billion of the world’s best customer experiences each year. Our success comes from connecting employee and customer conversations on any channel, every day. Over 10,000 companies in...
Avaya is a recognized innovator, leading business communications for the digital age. Avaya delivers smart global solutions and technologies for customer and team engagement, unified communications an...