📄 الوصف (الإنجليزية)
ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /config_backup.bin endpoint, exposing credentials and system settings.
🤖 ملخص AI
CVE-2020-37146 is a critical configuration disclosure vulnerability in ACE Security WiP-90113 HD cameras that allows unauthenticated attackers to retrieve sensitive configuration files containing credentials and system settings via an unprotected /config_backup.bin endpoint. This vulnerability poses significant risk to organizations using these cameras for surveillance in critical infrastructure, as exposed credentials can lead to unauthorized access and lateral movement. With a CVSS score of 7.5 and no authentication required, this represents a high-priority threat requiring immediate patching.
📄 الوصف (العربية)
🤖 التحليل الذكي آخر تحليل: Apr 30, 2026 10:37
🇸🇦 التأثير على المملكة العربية السعودية
This vulnerability poses significant risk to Saudi critical infrastructure sectors: (1) Government & NCA facilities using these cameras for physical security and surveillance; (2) Banking sector (SAMA-regulated institutions) using IP cameras in branches and data centers; (3) Energy sector (ARAMCO and related facilities) relying on surveillance systems; (4) Healthcare facilities using these cameras for facility monitoring; (5) Telecom operators (STC, Mobily) using surveillance in network operations centers. Exposed credentials could enable unauthorized facility access, data theft, and lateral movement into connected networks. The lack of authentication requirement makes this particularly dangerous for perimeter security systems.
🏢 القطاعات السعودية المتأثرة
Government & National Cybersecurity Authority (NCA)
Banking & Financial Services (SAMA-regulated)
Energy & Oil/Gas (ARAMCO, related facilities)
Healthcare
Telecommunications (STC, Mobily, Zain)
Critical Infrastructure
Transportation & Logistics
Retail & Commercial
🎯 تقنيات MITRE ATT&CK
T1526 - Network Service Discovery
T1592 - Gather Victim Host Information
T1589 - Gather Victim Identity Information
T1590 - Gather Victim Network Information
T1040 - Network Sniffing
T1087 - Account Discovery
T1110 - Brute Force
T1021 - Remote Services
T1078 - Valid Accounts
T1199 - Trusted Relationship
⚖️ درجة المخاطر السعودية (AI)
8.2
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all ACE Security WiP-90113 HD cameras in your environment using network scanning tools (nmap, Shodan queries for 'ACE Security')
2. Isolate affected cameras from production networks or restrict access to trusted networks only
3. Change all default credentials on affected devices immediately
4. Review access logs for any unauthorized /config_backup.bin requests
PATCHING:
1. Apply the available patch from ACE Security immediately
2. Test patches in non-production environment first
3. Implement a phased rollout to minimize operational disruption
COMPENSATING CONTROLS (if patching delayed):
1. Implement network-level access controls: block external access to camera management interfaces using firewall rules
2. Deploy WAF rules to block requests to /config_backup.bin endpoint
3. Segment cameras on isolated VLAN with restricted access
4. Implement network monitoring to detect suspicious configuration backup requests
5. Disable HTTP access, enforce HTTPS only with strong TLS configuration
DETECTION:
1. Monitor for GET requests to /config_backup.bin in web server logs
2. Alert on any unauthenticated access attempts to camera management interfaces
3. Implement IDS/IPS signatures for ACE Security camera exploitation attempts
4. Monitor for unusual outbound connections from camera IP addresses
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:
1. تحديد جميع كاميرات ACE Security WiP-90113 HD في بيئتك باستخدام أدوات المسح الشبكي (nmap، استعلامات Shodan)
2. عزل الكاميرات المتأثرة عن شبكات الإنتاج أو تقييد الوصول إلى الشبكات الموثوقة فقط
3. تغيير جميع بيانات الاعتماد الافتراضية على الأجهزة المتأثرة فوراً
4. مراجعة سجلات الوصول للكشف عن أي طلبات /config_backup.bin غير مصرح بها
التصحيح:
1. تطبيق التصحيح المتاح من ACE Security فوراً
2. اختبار التصحيحات في بيئة غير الإنتاج أولاً
3. تنفيذ طرح مرحلي لتقليل تعطل العمليات
الضوابط البديلة (إذا تأخر التصحيح):
1. تنفيذ ضوابط الوصول على مستوى الشبكة: حظر الوصول الخارجي إلى واجهات إدارة الكاميرا باستخدام قواعد جدار الحماية
2. نشر قواعد WAF لحظر الطلبات إلى نقطة نهاية /config_backup.bin
3. فصل الكاميرات على VLAN معزول مع وصول مقيد
4. تنفيذ المراقبة الشبكية للكشف عن طلبات نسخ احتياطي للتكوين المريبة
5. تعطيل وصول HTTP، فرض HTTPS فقط مع تكوين TLS قوي
الكشف:
1. مراقبة طلبات GET إلى /config_backup.bin في سجلات خادم الويب
2. التنبيه على أي محاولات وصول غير مصرح بها إلى واجهات إدارة الكاميرا
3. تنفيذ توقيعات IDS/IPS لمحاولات استغلال كاميرات ACE Security
4. مراقبة الاتصالات الخارجية غير العادية من عناوين IP الكاميرا
📋 خريطة الامتثال التنظيمي
🟢 NCA ECC 2024
A.5.1.1 - Information security policies and procedures
A.6.1.1 - Access control policy
A.6.2.1 - User registration and access rights management
A.8.2.1 - Classification of information
A.8.2.3 - Handling of assets
A.9.1.1 - Access control
A.9.2.1 - User access management
A.9.4.3 - Password management
A.10.1.1 - Cryptography policy
A.12.4.1 - Event logging
A.12.4.3 - Protection of log information
🔵 SAMA CSF
Governance & Risk Management - Risk Assessment & Management
Information & Cybersecurity - Access Control & Authentication
Information & Cybersecurity - Data Protection & Encryption
Information & Cybersecurity - Monitoring & Incident Management
Operational Resilience - Security Operations
🟡 ISO 27001:2022
5.3 - Access control
6.5.2 - Secure development policy
8.1 - Information security risk management
8.2 - Information security risk assessment
8.3 - Information security risk treatment
8.34 - Monitoring, measurement, analysis and evaluation
A.5.1 - Policies for information security
A.6.1 - Organization of information security
A.6.2 - Mobile device and teleworking
A.8.1 - Asset management
A.9.1 - Access control
A.9.2 - User access management
A.9.4 - Access control for special user information
A.10.1 - Cryptography
A.12.4 - Logging
🟣 PCI DSS v4.0.1
Requirement 1 - Firewall configuration standards
Requirement 2 - Default security parameters
Requirement 6 - Secure development and vulnerability management
Requirement 7 - Restrict access to data
Requirement 8 - User identification and authentication
Requirement 10 - Tracking and monitoring access
🔗 المراجع والمصادر 4
🔗
🔗
🔗
🔗
https://acesecurity.jp
disclosure@vulncheck.com
https://acesecurity.jp/support/top/wip_series/wip-90113
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/48127
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/aptina-ar-p-mp-camera-remote-configuration-disclosure
disclosure@vulncheck.com