CVE-2023-43755

9.8 CRITICAL

📋 TL;DR

Multiple Zavio IP camera models with firmware M2.1.6.05 contain stack-based buffer overflow vulnerabilities in XML parsing. Attackers can send specially crafted network requests to execute arbitrary code remotely. This affects organizations using these specific camera models with vulnerable firmware.

💻 Affected Systems

Products:
  • Zavio CF7500
  • CF7300
  • CF7201
  • CF7501
  • CB3211
  • CB3212
  • CB5220
  • CB6231
  • B8520
  • B8220
  • CD321
Versions: Firmware version M2.1.6.05
Operating Systems: Embedded camera firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All cameras running the specified firmware version are vulnerable regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise allowing attackers to execute arbitrary code, pivot to internal networks, disable cameras, or use devices as botnet nodes.

🟠 Likely Case

Camera compromise leading to surveillance disruption, data exfiltration, or lateral movement within the network.

🟢 If Mitigated

Limited impact if cameras are isolated in separate VLANs with strict network controls and no internet exposure.

🌐 Internet-Facing: HIGH - Directly exposed cameras can be exploited remotely without authentication.
🏢 Internal Only: HIGH - Attackers with internal network access can exploit these vulnerabilities.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending specially crafted XML requests to the camera's network interface.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor for updated firmware

Vendor Advisory: https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03

Restart Required: Yes

Instructions:

1. Check current firmware version.
2. Contact Zavio/vendor for updated firmware.
3. Backup camera configuration.
4. Apply firmware update.
5. Reboot camera.
6. Verify updated version.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate cameras in a separate VLAN with strict firewall rules

Access Control

all

Block external access to camera management interfaces

🧯 If You Can't Patch

  • Segment cameras in an isolated network with no internet access
  • Implement strict firewall rules to block all unnecessary inbound traffic to cameras

🔍 How to Verify

Check if Vulnerable:

Check camera web interface or configuration for firmware version M2.1.6.05

Check Version:

Check via camera web interface or vendor-specific CLI commands

Verify Fix Applied:

Verify firmware version is no longer M2.1.6.05 after update

📡 Detection & Monitoring

Log Indicators:

  • Unusual XML parsing errors
  • Multiple failed authentication attempts
  • Unexpected camera reboots

Network Indicators:

  • Unusual XML traffic to camera ports
  • Traffic patterns suggesting exploitation attempts

SIEM Query:

source_ip='camera_network' AND (protocol='http' OR protocol='https') AND payload_contains='malformed_xml'
