SONY

Network Video Management System

Article number: 000013322
Product: SOW-E 2016-R3, HAW-E 2016-R3, SOW-E 2017-R2, HAW-E 2017-R2
Version: 1
First published: May/20/2019
Last modified: May/20/2019

NVMS Configuration API security vulnerability

Summary

When the NVMS Configuration API is used to modify security settings, it fails to perform the necessary security checks. There are hotfixes available for versions 2016-R3 through 2017-R2.

Symptoms

  1. Missing authorization validation when changing device properties (Versions 2016-R3 and 2017-R2)

  2. Incorrect authorization validation when changing role security (Version 2017-R2)

Cause

We have identified three related vulnerabilities in the NVMS Configuration API in Network Video Management System Enterprise Edition. If exploited, they can cause an elevation of privileges and affect the Management Server's security.

Steps to apply the hotfix for NVMS Enterprise Edition 2016-R3

Apply the hotfix in the following sequence: first to the Recording Server(s), next to the Management Server, and finally to the Management Client(s). If you are using a Failover Recording Server, apply the Recording Server patch to it as well.

[Recording Server]
  1. Stop the Recording Server service, and exit the Recording Server Manager in the task tray

  2. Go to C:\Program Files\Sony\- Network VMS Recording Server\

  3. Create a backup of the following files:
    "VideoOS.IO.Drivers.dll"
    "VideoOS.Recorder.Service.exe"
    "VideoOS.Recorder.dll"
    "VideoOS.Common.Integration.dll"
    "GenuineChannels.dll"

  4. Replace the following files with the hotfixed ones:
    "VideoOS.IO.Drivers.dll"
    "VideoOS.Recorder.Service.exe"
    "VideoOS.Recorder.dll"
    "VideoOS.Common.Integration.dll"
    "GenuineChannels.dll"

  5. Go to C:\Program Files\Sony\- Network VMS Recording Server\Drivers\

  6. Create a backup of the file "VideoOS.IO.Drivers.Interop.dll"

  7. Replace the file "VideoOS.IO.Drivers.Interop.dll" with the hotfixed one

  8. Start the Recording Server service, and start the Recording Server Manager in the task tray

[Management Server]
  1. Stop the Management Server service, and exit the Management Server Manager in the task tray

  2. Go to C:\Program Files\Sony\- Network VMS Management Server\

  3. Create a backup of the following files:
    "VideoOS.Server.dll"
    "VideoOS.Common.Integration.dll"
    "VideoOS.Management.Server.dll"
    "GenuineChannels.dll"

  4. Replace the following files with the hotfixed ones:
    "VideoOS.Server.dll"
    "VideoOS.Management.Server.dll"
    "VideoOS.Common.Integration.dll"
    "GenuineChannels.dll"

  5. Go to C:\Program Files\Sony\- Network VMS Management Server\IIS\ManagementServer\bin\

  6. Create a backup of the following files:
    "VideoOS.Management.Server.dll"
    "VideoOS.Common.Integration.dll"

  7. Replace the following files with the hotfixed ones:
    "VideoOS.Management.Server.dll"
    "VideoOS.Common.Integration.dll"

  8. Start the Management Server service, and start the Management Server Manager in the task tray

[Management Client]
  1. Close the Management Client

  2. Go to C:\Program Files\Sony\- Network VMS Management Client\

  3. Create a backup of the following files:
    "VideoOS.Common.Integration.dll"
    "VideoOS.Administration.Controls.dll"

  4. Replace the following files with the hotfixed ones:
    "VideoOS.Common.Integration.dll"
    "VideoOS.Administration.Controls.dll"

  5. Start the Management Client

Steps to apply the hotfix for NVMS Enterprise Edition 2017-R2

Apply the hotfix in the following sequence: first to the Recording Server(s), next to the Management Server, and finally to the Management Client(s). If you are using a Failover Recording Server, apply the Recording Server patch to it as well.

[Recording Server]
  1. Stop the Recording Server service, and exit the Recording Server Manager in the task tray

  2. Go to C:\Program Files\Sony\- Network VMS Recording Server\

  3. Create a backup of the following files:
    "VideoOS.Recorder.Service.exe"
    "VideoOS.Recorder.dll"
    "VideoOS.Common.Integration.dll"
    "GenuineChannels.dll"

  4. Replace the following files with the hotfixed ones:
    "VideoOS.Recorder.Service.exe"
    "VideoOS.Recorder.dll"
    "VideoOS.Common.Integration.dll"
    "GenuineChannels.dll"

  5. Start the Recording Server service, and start the Recording Server Manager in the task tray

[Management Server]
  1. Stop the Management Server service, and exit the Management Server Manager in the task tray

  2. Go to C:\Program Files\Sony\- Network VMS Management Server\

  3. Create a backup of the following files:
    "VideoOS.Server.dll"
    "VideoOS.Common.Integration.dll"
    "VideoOS.Management.Server.dll"
    "GenuineChannels.dll"

  4. Replace the following files with the hotfixed ones:
    "VideoOS.Server.dll"
    "VideoOS.Management.Server.dll"
    "VideoOS.Common.Integration.dll"
    "GenuineChannels.dll"

  5. Go to C:\Program Files\Sony\- Network VMS Management Server\IIS\ManagementServer\bin\

  6. Create a backup of the following files:
    "VideoOS.Management.Server.dll"
    "VideoOS.Common.Integration.dll"

  7. Replace the following files with the hotfixed ones:
    "VideoOS.Management.Server.dll"
    "VideoOS.Common.Integration.dll"

  8. Start the Management Server service, and start the Management Server Manager in the task tray

[Management Client]
  1. Close the Management Client

  2. Go to C:\Program Files\Sony\- Network VMS Management Client\

  3. Create a backup of the file "VideoOS.Common.Integration.dll"

  4. Replace the file "VideoOS.Common.Integration.dll" with the hotfixed one

  5. Start the Management Client
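
The backup and replace steps in both procedures above can be scripted per directory and checked by hash, so a file that was skipped or still locked by a running process is caught before the service is restarted. The following PowerShell is an added example, not part of the original article or the hotfix package; the function name Install-HotfixFiles and the hotfix folder D:\hotfix\ManagementServer are assumptions, while the install path and file list are copied from the article.

```powershell
# Added example: backs up, replaces and verifies the files of one directory.
# Run it after stopping the service (step 1) and before starting it again.
function Install-HotfixFiles {
    param(
        [Parameter(Mandatory)] [string]   $TargetDir,  # install directory from the article
        [Parameter(Mandatory)] [string]   $HotfixDir,  # assumption: folder holding the hotfixed files
        [Parameter(Mandatory)] [string[]] $Files       # file list from the article
    )
    $ErrorActionPreference = 'Stop'

    # Fail before touching anything if a file is missing on either side.
    foreach ($f in $Files) {
        foreach ($p in (Join-Path $TargetDir $f), (Join-Path $HotfixDir $f)) {
            if (-not (Test-Path -LiteralPath $p -PathType Leaf)) { throw "Missing file: $p" }
        }
    }

    # "Create a backup" step: timestamped folder inside the install directory.
    $backupDir = Join-Path $TargetDir ('hotfix-backup-' + (Get-Date -Format 'yyyyMMdd-HHmmss'))
    New-Item -ItemType Directory -Path $backupDir | Out-Null

    foreach ($f in $Files) {
        $target = Join-Path $TargetDir $f
        $source = Join-Path $HotfixDir $f
        Copy-Item -LiteralPath $target -Destination $backupDir
        # "Replace" step.
        Copy-Item -LiteralPath $source -Destination $target -Force

        # Confirm the installed file is byte-identical to the hotfixed one.
        $want = (Get-FileHash -LiteralPath $source -Algorithm SHA256).Hash
        $got  = (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash
        [pscustomobject]@{
            File     = $f
            Replaced = ($want -eq $got)
            Version  = (Get-Item -LiteralPath $target).VersionInfo.FileVersion
            SHA256   = $got
        }
    }
}

# 2017-R2 Management Server, steps 2-4 (path and file list as given in the article;
# the hotfix folder is a hypothetical location).
Install-HotfixFiles -TargetDir 'C:\Program Files\Sony\- Network VMS Management Server\' `
    -HotfixDir 'D:\hotfix\ManagementServer' `
    -Files 'VideoOS.Server.dll', 'VideoOS.Management.Server.dll',
           'VideoOS.Common.Integration.dll', 'GenuineChannels.dll'
```

Call the function once for each directory named in the steps, from an elevated prompt, and keep the returned table as a record of which servers and clients have been patched.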

Resolution

For the versions mentioned above, please use the hotfixes.

Download link

The hotfix download link is not published. Contact your local dealer for more support.