CVE-2022-31209

9.8 CRITICAL

📋 TL;DR

A buffer overflow in the Infiray IRAY-A8Z3 thermal camera firmware allows remote attackers to execute arbitrary code. The firmware copies data with strcpy() without checking its length, so an attacker can overwrite memory and potentially take control of the device. All users of affected firmware versions are at risk.
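
The bug class described above, as an added example (not Infiray's firmware code, which this page does not show): an unchecked strcpy() into a fixed buffer beside a length-checked replacement that rejects oversize input. The function names, the 32-byte buffer size and the sample strings are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_BUF_SIZE 32 /* assumed fixed-size destination, not a firmware value */

/* Vulnerable pattern: strcpy() copies up to the source NUL and knows nothing
 * about the destination size. Hypothetical function, shown for contrast. */
static void set_name_unchecked(char dst[NAME_BUF_SIZE], const char *src)
{
    strcpy(dst, src); /* overflows dst when strlen(src) >= NAME_BUF_SIZE */
}

/* Hardened form: find the terminator within dst_size bytes first, reject
 * anything that does not fit, and never truncate silently.
 * Returns 0 on success, -1 on bad arguments or oversize input. */
static int set_name_checked(char *dst, size_t dst_size, const char *src)
{
    const char *end;
    size_t len;

    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    end = memchr(src, '\0', dst_size); /* stops at the first NUL it finds */
    if (end == NULL)                   /* no NUL in dst_size bytes: too long */
        return -1;
    len = (size_t)(end - src);
    memcpy(dst, src, len + 1);         /* len + 1 <= dst_size, NUL included */
    return 0;
}

int main(void)
{
    char name[NAME_BUF_SIZE];
    char oversized[128]; /* constructed input: 127 'A' bytes plus NUL */

    memset(oversized, 'A', sizeof(oversized) - 1);
    oversized[sizeof(oversized) - 1] = '\0';

    set_name_unchecked(name, "cam-01"); /* safe only because input is short */
    printf("unchecked, short input: %s\n", name);
    printf("checked, short input: %d\n",
           set_name_checked(name, sizeof(name), "cam-02"));
    printf("checked, oversized input: %d, buffer still \"%s\"\n",
           set_name_checked(name, sizeof(name), oversized), name);
    return 0;
}
```

Rejecting the input, rather than truncating it, keeps a caller from acting on a silently shortened value.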

💻 Affected Systems

Products:
  • Infiray IRAY-A8Z3 Thermal Camera
Versions: 1.0.957 and likely earlier versions
Operating Systems: Embedded Linux-based firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All devices running vulnerable firmware are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete device compromise, camera manipulation, network pivoting, or disabling of security monitoring capabilities.

🟠 Likely Case

Device crash/reboot causing temporary loss of thermal imaging functionality, or limited code execution for reconnaissance.

🟢 If Mitigated

Denial of service if exploit fails but triggers crash, or no impact if network segmentation prevents access.

🌐 Internet-Facing: HIGH - Thermal cameras are often deployed on network perimeters with internet exposure for remote monitoring.
🏢 Internal Only: MEDIUM - Still vulnerable to internal attackers or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW - Buffer overflow via strcpy() is a well-understood vulnerability class.

No public exploit code found, but the vulnerability type is straightforward to weaponize.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No vendor advisory found

Restart Required: Yes

Instructions:

1. Contact Infiray support for firmware updates.
2. If an update is available, download it from the official source.
3. Follow Infiray firmware update procedures.
4. Reboot the device after the update.

🔧 Temporary Workarounds

Network Segmentation

Isolate thermal cameras on separate VLAN with strict firewall rules.

Disable Unnecessary Services

Turn off any unused network services on the camera to reduce attack surface.

🧯 If You Can't Patch

  • Segment cameras on isolated network with no internet access
  • Implement strict firewall rules allowing only necessary traffic to/from cameras

🔍 How to Verify

Check if Vulnerable:

Check firmware version via camera web interface or SSH if enabled. Compare against vulnerable version 1.0.957.

Check Version:

Check via web interface at http://[camera-ip]/ or SSH command if available

Verify Fix Applied:

Verify firmware version is updated beyond 1.0.957 via same methods.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected device reboots
  • Memory error messages in system logs
  • Unusual network connections to camera

Network Indicators:

  • Unusual traffic patterns to camera ports
  • Large payloads sent to camera services

SIEM Query:

source="camera_logs" AND ("segmentation fault" OR "buffer overflow" OR "strcpy")
