CVE-2024-6749
📋 TL;DR
The AXIS Camera Station Pro Incident Report feature may expose sensitive credentials stored in the Windows client when credentials are configured for this feature. This affects organizations using AXIS Camera Station Pro with Incident Report functionality enabled and credentials configured. If Incident Report is not used with credentials, the vulnerability does not apply.
💻 Affected Systems
- AXIS Camera Station Pro
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain access to camera system credentials, potentially compromising video surveillance systems, accessing sensitive footage, or disrupting security operations.
Likely Case
Local attackers or malware on the Windows client machine could extract credentials, leading to unauthorized access to the camera management system.
If Mitigated
With proper network segmentation and access controls, credential exposure would be limited to the local machine without broader system impact.
🎯 Exploit Status
Exploitation requires access to the Windows client machine where credentials are stored. No remote exploitation vector identified.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Refer to Axis security advisory for specific patched versions
Vendor Advisory: https://www.axis.com/dam/public/e6/e8/1e/cve-2024-6749-en-US-455106.pdf
Restart Required: Yes
Instructions:
1. Download patched version from Axis website
2. Backup current configuration
3. Install update following vendor instructions
4. Restart AXIS Camera Station Pro service
🔧 Temporary Workarounds
Disable Incident Report Credentials
Windows: Remove or disable credentials from Incident Report feature configuration
Restrict Local Access
Windows: Implement strict access controls on Windows client machines running AXIS Camera Station Pro
🧯 If You Can't Patch
- Disable Incident Report feature entirely if not required
- Implement application whitelisting and endpoint security to prevent credential extraction
🔍 How to Verify
Check if Vulnerable:
Check if Incident Report feature is enabled with credentials configured in AXIS Camera Station Pro settings
Check Version:
Check version in AXIS Camera Station Pro About dialog or installation directory
Verify Fix Applied:
Verify installed version matches patched version from Axis advisory and Incident Report credentials are properly secured
📡 Detection & Monitoring
Log Indicators:
- Unusual access to Incident Report configuration files
- Multiple failed credential attempts on camera systems
Network Indicators:
- Unexpected authentication attempts to camera management interfaces
SIEM Query:
Search for process access to AXIS Camera Station configuration files containing 'incident' or 'report' terms
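The search described in the SIEM query above, as an added example in Python (not code from Axis or from this page): it filters exported Windows Security event 4663 (object access) records for files under an AXIS Camera Station folder whose path contains 'incident' or 'report' and that were opened by a process outside an expected list. The folder paths, process names and record layout are constructed placeholders, and 4663 events are only logged when object-access auditing (a SACL) is enabled on that folder.

```python
import ntpath

# 'incident' and 'report' come from the SIEM query text; all paths and
# process names below are constructed placeholders, not real product values.
PRODUCT_MARKER = "axis camera station"
TERMS = ("incident", "report")
FILE_ACCESS_EVENT_ID = 4663  # Windows Security: attempt to access an object

def is_config_of_interest(object_name):
    """True if the path is under a product folder and mentions a query term."""
    path = object_name.lower()
    if PRODUCT_MARKER not in path:
        return False
    # Match only on the part after the product folder name.
    tail = path.split(PRODUCT_MARKER, 1)[1]
    return any(term in tail for term in TERMS)

def find_suspicious_access(events, expected_processes):
    """Return (user, process image, file) for accesses by unexpected processes."""
    expected = {p.lower() for p in expected_processes}
    hits = []
    for ev in events:
        if ev.get("EventID") != FILE_ACCESS_EVENT_ID:
            continue
        obj = ev.get("ObjectName", "")
        if not is_config_of_interest(obj):
            continue
        image = ntpath.basename(ev.get("ProcessName", "")).lower()
        if image not in expected:
            hits.append((ev.get("SubjectUserName"), image, obj))
    return hits

CONFIG = r"C:\PLACEHOLDER\AXIS Camera Station\incident_report.placeholder"
OTHER = r"C:\PLACEHOLDER\AXIS Camera Station\layout.placeholder"
SAMPLE_EVENTS = [  # constructed records, one dict per exported event
    {"EventID": 4663, "ObjectName": CONFIG, "SubjectUserName": "operator1",
     "ProcessName": r"C:\PLACEHOLDER\acs_client_placeholder.exe"},
    {"EventID": 4663, "ObjectName": CONFIG, "SubjectUserName": "svc_temp",
     "ProcessName": r"C:\Users\Public\unknown_tool.exe"},
    {"EventID": 4663, "ObjectName": OTHER, "SubjectUserName": "svc_temp",
     "ProcessName": r"C:\Users\Public\unknown_tool.exe"},
    {"EventID": 4624, "SubjectUserName": "operator1"},
]

if __name__ == "__main__":
    for hit in find_suspicious_access(SAMPLE_EVENTS, ["acs_client_placeholder.exe"]):
        print("review:", hit)
```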