CVE-2018-10658

high-risk

Published 2018-06-26

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.

Do I need to act?

0.60% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (20)

P5515-E Firmware

P5522 Firmware

P5522-E Firmware

P5532 Firmware

P5532-E Firmware

P5534 Firmware

P5534-E Firmware

P5544 Firmware

P5624-E Firmware

P5624-E Mk Ii Firmware

P5635-E Firmware

P5635-E Mk Ii Firmware

P5635-Ze Firmware

P7210 Firmware

P7214 Firmware

P7216 Firmware

P7224 Blade Firmware

P8513 Firmware

P8514 Firmware

P8524 Firmware

Affected Vendors

Axis

References (6)

Exploit https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-a...

Vendor Advisory https://www.axis.com/files/faq/Advisory_ACV-128401.pdf

Vendor Advisory https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

Exploit https://blog.vdoo.com/2018/06/18/vdoo-discovers-significant-vulnerabilities-in-a...

Vendor Advisory https://www.axis.com/files/faq/Advisory_ACV-128401.pdf

Vendor Advisory https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

/ 100

high-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 33/34 · Critical