Vulnerabilities ›

CVE-2020-37146

High

CWE-306 — Weakness Type

                    Published: Feb 7, 2026                      ·  Modified: Feb 28, 2026                      ·  Source: NVD                

CVSS v3

7.5

🔗 NVD Official

📄 Description (English)

ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /config_backup.bin endpoint, exposing credentials and system settings.

🤖 AI Executive Summary

CVE-2020-37146 is a critical configuration disclosure vulnerability in ACE Security WiP-90113 HD cameras that allows unauthenticated attackers to retrieve sensitive configuration files containing credentials and system settings via an unprotected /config_backup.bin endpoint. This vulnerability poses significant risk to organizations using these cameras for surveillance in critical infrastructure, as exposed credentials can lead to unauthorized access and lateral movement. With a CVSS score of 7.5 and no authentication required, this represents a high-priority threat requiring immediate patching.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: Apr 30, 2026 10:37

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability poses significant risk to Saudi critical infrastructure sectors: (1) Government & NCA facilities using these cameras for physical security and surveillance; (2) Banking sector (SAMA-regulated institutions) using IP cameras in branches and data centers; (3) Energy sector (ARAMCO and related facilities) relying on surveillance systems; (4) Healthcare facilities using these cameras for facility monitoring; (5) Telecom operators (STC, Mobily) using surveillance in network operations centers. Exposed credentials could enable unauthorized facility access, data theft, and lateral movement into connected networks. The lack of authentication requirement makes this particularly dangerous for perimeter security systems.

🏢 Affected Saudi Sectors

Government & National Cybersecurity Authority (NCA) Banking & Financial Services (SAMA-regulated) Energy & Oil/Gas (ARAMCO, related facilities) Healthcare Telecommunications (STC, Mobily, Zain) Critical Infrastructure Transportation & Logistics Retail & Commercial

🎯 MITRE ATT&CK Techniques

T1526 - Network Service Discovery T1592 - Gather Victim Host Information T1589 - Gather Victim Identity Information T1590 - Gather Victim Network Information T1040 - Network Sniffing T1087 - Account Discovery T1110 - Brute Force T1021 - Remote Services T1078 - Valid Accounts T1199 - Trusted Relationship

⚖️ Saudi Risk Score (AI)

8.2

/ 10.0

🔧 Remediation Steps (English)

IMMEDIATE ACTIONS:

1. Identify all ACE Security WiP-90113 HD cameras in your environment using network scanning tools (nmap, Shodan queries for 'ACE Security')

2. Isolate affected cameras from production networks or restrict access to trusted networks only

3. Change all default credentials on affected devices immediately

4. Review access logs for any unauthorized /config_backup.bin requests



PATCHING:

1. Apply the available patch from ACE Security immediately

2. Test patches in non-production environment first

3. Implement a phased rollout to minimize operational disruption



COMPENSATING CONTROLS (if patching delayed):

1. Implement network-level access controls: block external access to camera management interfaces using firewall rules

2. Deploy WAF rules to block requests to /config_backup.bin endpoint

3. Segment cameras on isolated VLAN with restricted access

4. Implement network monitoring to detect suspicious configuration backup requests

5. Disable HTTP access, enforce HTTPS only with strong TLS configuration



DETECTION:

1. Monitor for GET requests to /config_backup.bin in web server logs

2. Alert on any unauthenticated access attempts to camera management interfaces

3. Implement IDS/IPS signatures for ACE Security camera exploitation attempts

4. Monitor for unusual outbound connections from camera IP addresses

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. تحديد جميع كاميرات ACE Security WiP-90113 HD في بيئتك باستخدام أدوات المسح الشبكي (nmap، استعلامات Shodan)

2. عزل الكاميرات المتأثرة عن شبكات الإنتاج أو تقييد الوصول إلى الشبكات الموثوقة فقط

3. تغيير جميع بيانات الاعتماد الافتراضية على الأجهزة المتأثرة فوراً

4. مراجعة سجلات الوصول للكشف عن أي طلبات /config_backup.bin غير مصرح بها

التصحيح:

1. تطبيق التصحيح المتاح من ACE Security فوراً

2. اختبار التصحيحات في بيئة غير الإنتاج أولاً

3. تنفيذ طرح مرحلي لتقليل تعطل العمليات

الضوابط البديلة (إذا تأخر التصحيح):

1. تنفيذ ضوابط الوصول على مستوى الشبكة: حظر الوصول الخارجي إلى واجهات إدارة الكاميرا باستخدام قواعد جدار الحماية

2. نشر قواعد WAF لحظر الطلبات إلى نقطة نهاية /config_backup.bin

3. فصل الكاميرات على VLAN معزول مع وصول مقيد

4. تنفيذ المراقبة الشبكية للكشف عن طلبات نسخ احتياطي للتكوين المريبة

5. تعطيل وصول HTTP، فرض HTTPS فقط مع تكوين TLS قوي

الكشف:

1. مراقبة طلبات GET إلى /config_backup.bin في سجلات خادم الويب

2. التنبيه على أي محاولات وصول غير مصرح بها إلى واجهات إدارة الكاميرا

3. تنفيذ توقيعات IDS/IPS لمحاولات استغلال كاميرات ACE Security

4. مراقبة الاتصالات الخارجية غير العادية من عناوين IP الكاميرا

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.5.1.1 - Information security policies and procedures A.6.1.1 - Access control policy A.6.2.1 - User registration and access rights management A.8.2.1 - Classification of information A.8.2.3 - Handling of assets A.9.1.1 - Access control A.9.2.1 - User access management A.9.4.3 - Password management A.10.1.1 - Cryptography policy A.12.4.1 - Event logging A.12.4.3 - Protection of log information

🔵 SAMA CSF

Governance & Risk Management - Risk Assessment & Management Information & Cybersecurity - Access Control & Authentication Information & Cybersecurity - Data Protection & Encryption Information & Cybersecurity - Monitoring & Incident Management Operational Resilience - Security Operations

🟡 ISO 27001:2022

5.3 - Access control 6.5.2 - Secure development policy 8.1 - Information security risk management 8.2 - Information security risk assessment 8.3 - Information security risk treatment 8.34 - Monitoring, measurement, analysis and evaluation A.5.1 - Policies for information security A.6.1 - Organization of information security A.6.2 - Mobile device and teleworking A.8.1 - Asset management A.9.1 - Access control A.9.2 - User access management A.9.4 - Access control for special user information A.10.1 - Cryptography A.12.4 - Logging

🟣 PCI DSS v4.0.1

Requirement 1 - Firewall configuration standards Requirement 2 - Default security parameters Requirement 6 - Secure development and vulnerability management Requirement 7 - Restrict access to data Requirement 8 - User identification and authentication Requirement 10 - Tracking and monitoring access

🔗 References & Sources 4

🔗

https://acesecurity.jp

disclosure@vulncheck.com

🔗

https://acesecurity.jp/support/top/wip_series/wip-90113

disclosure@vulncheck.com

🔗

https://www.exploit-db.com/exploits/48127

disclosure@vulncheck.com

🔗

https://www.vulncheck.com/advisories/aptina-ar-p-mp-camera-remote-configuration-disclosure

disclosure@vulncheck.com

📊 CVSS Score

7.5

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity High

CVSS Score7.5

CWECWE-306

EPSS0.03%

Exploit No

Patch ✓ Yes

Published 2026-02-07

Source Feed nvd

🇸🇦 Saudi Risk Score

8.2

/ 10.0 — Saudi Risk

Priority: CRITICAL

🏷️ Tags

CWE-306

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2020-37146

💬 Comments

Introduce Yourself

Sign In Required