A high-severity information disclosure vulnerability in Siemens Siveillance Video Device Pack (formerly Milestone XProtect Device Pack) exposes camera credentials in driver log files on the Recording Server. Published January 14, 2025, this flaw allows attackers with local access to read sensitive authentication data under specific conditions. The vulnerability carries a CVSS 3.1 score of 7.8 (HIGH severi [truncated]
A buffer overflow vulnerability exists in selected camera drivers within the Siemens Siveillance Video Device Pack (formerly XProtect Device Pack). An attacker with internal network access can potentially execute commands on the Recording Server under strict conditions. The vulnerability was disclosed on October 10, 2024, and last modified on May 6, 2025. CISA assigned this issue a CVSS 3.1 score of 6.7 ( [truncated]
