CVE-2016-7834 - Vulnerability Details

SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H, SNC-ZP550, SNC-ZR550, SNC-EP520, SNC-EP521, SNC-ER520, SNC-ER521, SNC-ER521C network cameras with firmware before Ver.1.86.00 and SONY SNC-CX600, SNC-CX600W, SNC-EB600, SNC-EB600B, SNC-EB602R, SNC-EB630, SNC-EB630B, SNC-EB632R, SNC-EM600, SNC-EM601, SNC-EM602R, SNC-EM602RC, SNC-EM630, SNC-EM631, SNC-EM632R, SNC-EM632RC, SNC-VB600, SNC-VB600B, SNC-VB600B5, SNC-VB630, SNC-VB6305, SNC-VB6307, SNC-VB632D, SNC-VB635, SNC-VM600, SNC-VM600B, SNC-VM600B5, SNC-VM601, SNC-VM601B, SNC-VM602R, SNC-VM630, SNC-VM6305, SNC-VM6307, SNC-VM631, SNC-VM632R, SNC-WR600, SNC-WR602, SNC-WR602C, SNC-WR630, SNC-WR632, SNC-WR632C, SNC-XM631, SNC-XM632, SNC-XM636, SNC-XM637, SNC-VB600L, SNC-VM600L, SNC-XM631L, SNC-WR602CL network cameras with firmware before Ver.2.7.2 are prone to sensitive information disclosure. This may allow an attacker on the same local network segment to login to the device with administrative privileges and perform operations on the device.

No CVSS v4.0

No CVSS v3.1

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.39457.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:snc-cx600:-:::::::*
	cpe:2.3:h:sony:snc-cx600w:-:::::::*
	cpe:2.3:h:sony:snc-eb600:-:::::::*
	cpe:2.3:h:sony:snc-eb600b:-:::::::*
	cpe:2.3:h:sony:snc-eb602r:-:::::::*
	cpe:2.3:h:sony:snc-eb630:-:::::::*
	cpe:2.3:h:sony:snc-eb630b:-:::::::*
	cpe:2.3:h:sony:snc-eb632r:-:::::::*
	cpe:2.3:h:sony:snc-em600:-:::::::*
	cpe:2.3:h:sony:snc-em601:-:::::::*
	cpe:2.3:h:sony:snc-em602r:-:::::::*
	cpe:2.3:h:sony:snc-em602rc:-:::::::*
	cpe:2.3:h:sony:snc-em630:-:::::::*
	cpe:2.3:h:sony:snc-em631:-:::::::*
	cpe:2.3:h:sony:snc-em632r:-:::::::*
	cpe:2.3:h:sony:snc-em632rc:-:::::::*
	cpe:2.3:h:sony:snc-vb600:-:::::::*
	cpe:2.3:h:sony:snc-vb600b:-:::::::*
	cpe:2.3:h:sony:snc-vb600b5:-:::::::*
	cpe:2.3:h:sony:snc-vb600l:-:::::::*
	cpe:2.3:h:sony:snc-vb630:-:::::::*
	cpe:2.3:h:sony:snc-vb6305:-:::::::*
	cpe:2.3:h:sony:snc-vb6307:-:::::::*
	cpe:2.3:h:sony:snc-vb632d:-:::::::*
	cpe:2.3:h:sony:snc-vb635:-:::::::*
	cpe:2.3:h:sony:snc-vm600:-:::::::*
	cpe:2.3:h:sony:snc-vm600b:-:::::::*
	cpe:2.3:h:sony:snc-vm600b5:-:::::::*
	cpe:2.3:h:sony:snc-vm600l:-:::::::*
	cpe:2.3:h:sony:snc-vm601:-:::::::*
	cpe:2.3:h:sony:snc-vm601b:-:::::::*
	cpe:2.3:h:sony:snc-vm602r:-:::::::*
	cpe:2.3:h:sony:snc-vm630:-:::::::*
	cpe:2.3:h:sony:snc-vm6305:-:::::::*
	cpe:2.3:h:sony:snc-vm6307:-:::::::*
	cpe:2.3:h:sony:snc-vm631:-:::::::*
	cpe:2.3:h:sony:snc-vm632r:-:::::::*
	cpe:2.3:h:sony:snc-wr600:-:::::::*
	cpe:2.3:h:sony:snc-wr602:-:::::::*
	cpe:2.3:h:sony:snc-wr602c:-:::::::*
	cpe:2.3:h:sony:snc-wr602cl:-:::::::*
	cpe:2.3:h:sony:snc-wr630:-:::::::*
	cpe:2.3:h:sony:snc-wr632:-:::::::*
	cpe:2.3:h:sony:snc-wr632c:-:::::::*
	cpe:2.3:h:sony:snc-xm631:-:::::::*
	cpe:2.3:h:sony:snc-xm631l:-:::::::*
	cpe:2.3:h:sony:snc-xm632:-:::::::*
	cpe:2.3:h:sony:snc-xm636:-:::::::*
	cpe:2.3:h:sony:snc-xm637:-:::::::*

Configuration 2 [-]

AND

cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:sony:snc-ch115:-:::::::*
	cpe:2.3:h:sony:snc-ch120:-:::::::*
	cpe:2.3:h:sony:snc-ch160:-:::::::*
	cpe:2.3:h:sony:snc-ch220:-:::::::*
	cpe:2.3:h:sony:snc-ch260:-:::::::*
	cpe:2.3:h:sony:snc-dh120:-:::::::*
	cpe:2.3:h:sony:snc-dh120t:-:::::::*
	cpe:2.3:h:sony:snc-dh160:-:::::::*
	cpe:2.3:h:sony:snc-dh220:-:::::::*
	cpe:2.3:h:sony:snc-dh220t:-:::::::*
	cpe:2.3:h:sony:snc-dh260:-:::::::*
	cpe:2.3:h:sony:snc-eb520:-:::::::*
	cpe:2.3:h:sony:snc-em520:-:::::::*
	cpe:2.3:h:sony:snc-em521:-:::::::*
	cpe:2.3:h:sony:snc-ep520:-:::::::*
	cpe:2.3:h:sony:snc-ep521:-:::::::*
	cpe:2.3:h:sony:snc-ep550:-:::::::*
	cpe:2.3:h:sony:snc-ep580:-:::::::*
	cpe:2.3:h:sony:snc-er520:-:::::::*
	cpe:2.3:h:sony:snc-er521:-:::::::*
	cpe:2.3:h:sony:snc-er521c:-:::::::*
	cpe:2.3:h:sony:snc-er550:-:::::::*
	cpe:2.3:h:sony:snc-er550c:-:::::::*
	cpe:2.3:h:sony:snc-er580:-:::::::*
	cpe:2.3:h:sony:snc-er585:-:::::::*
	cpe:2.3:h:sony:snc-er585h:-:::::::*
	cpe:2.3:h:sony:snc-zb550:-:::::::*
	cpe:2.3:h:sony:snc-zm550:-:::::::*
	cpe:2.3:h:sony:snc-zm551:-:::::::*
	cpe:2.3:h:sony:snc-zp550:-:::::::*
	cpe:2.3:h:sony:snc-zr550:-:::::::*

No data.

Project Subscriptions

Vendors	Products
Sony Subscribe	Snc-ch115 Subscribe Snc-ch120 Subscribe Snc-ch160 Subscribe Snc-ch220 Subscribe Snc-ch260 Subscribe Snc-cx600 Subscribe Snc-cx600w Subscribe Snc-dh120 Subscribe Snc-dh120t Subscribe Snc-dh160 Subscribe Snc-dh220 Subscribe Snc-dh220t Subscribe Snc-dh260 Subscribe Snc-eb520 Subscribe Snc-eb600 Subscribe Snc-eb600b Subscribe Snc-eb602r Subscribe Snc-eb630 Subscribe Snc-eb630b Subscribe Snc-eb632r Subscribe Snc-em520 Subscribe Snc-em521 Subscribe Snc-em600 Subscribe Snc-em601 Subscribe Snc-em602r Subscribe Snc-em602rc Subscribe Snc-em630 Subscribe Snc-em631 Subscribe Snc-em632r Subscribe Snc-em632rc Subscribe Snc-ep520 Subscribe Snc-ep521 Subscribe Snc-ep550 Subscribe Snc-ep580 Subscribe Snc-er520 Subscribe Snc-er521 Subscribe Snc-er521c Subscribe Snc-er550 Subscribe Snc-er550c Subscribe Snc-er580 Subscribe Snc-er585 Subscribe Snc-er585h Subscribe Snc-vb600 Subscribe Snc-vb600b Subscribe Snc-vb600b5 Subscribe Snc-vb600l Subscribe Snc-vb630 Subscribe Snc-vb6305 Subscribe Snc-vb6307 Subscribe Snc-vb632d Subscribe Snc-vb635 Subscribe Snc-vm600 Subscribe Snc-vm600b Subscribe Snc-vm600b5 Subscribe Snc-vm600l Subscribe Snc-vm601 Subscribe Snc-vm601b Subscribe Snc-vm602r Subscribe Snc-vm630 Subscribe Snc-vm6305 Subscribe Snc-vm6307 Subscribe Snc-vm631 Subscribe Snc-vm632r Subscribe Snc-wr600 Subscribe Snc-wr602 Subscribe Snc-wr602c Subscribe Snc-wr602cl Subscribe Snc-wr630 Subscribe Snc-wr632 Subscribe Snc-wr632c Subscribe Snc-xm631 Subscribe Snc-xm631l Subscribe Snc-xm632 Subscribe Snc-xm636 Subscribe Snc-xm637 Subscribe Snc-zb550 Subscribe Snc-zm550 Subscribe Snc-zm551 Subscribe Snc-zp550 Subscribe Snc-zr550 Subscribe Snc Series Firmware Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU96435227/index.html
https://www.sony.co.uk/pro/article/sony-new-firmware-for-network-cameras

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2017-04-13T17:00:00.000Z

Updated: 2024-08-06T02:04:56.108Z

Reserved: 2016-09-09T00:00:00.000Z

Link: CVE-2016-7834

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2017-04-13T17:59:00.653

Modified: 2025-04-20T01:37:25.860

Link: CVE-2016-7834

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-200

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object