CVE-2020-11623
Description
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as the camera's bootloader. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system. It could even render the device inoperable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
AvertX HD838 and HD438 IP cameras expose a dangerous UART interface, allowing attackers with physical access to compromise device integrity and availability.
Vulnerability
The AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438 expose a dangerous Universal Asynchronous Receiver-Transmitter (UART) interface. This interface provides access to additional diagnostic and configuration functionalities as well as the camera's bootloader, without requiring authentication [1].
Exploitation
An attacker with physical access to the device can connect to the UART interface and interact with the bootloader and diagnostic/config functions. No special skills or tools beyond a UART adapter are required. The attacker does not need any prior authentication or user interaction.
Impact
Successful exploitation allows the attacker to read and modify device configurations, reset the camera to factory defaults, or completely render the device inoperable. This compromises the confidentiality, integrity, and availability of the device [1].
Mitigation
No official firmware patch has been disclosed in the available references. Physical access controls, such as securing the camera's physical location and disabling or locking the UART interface if possible, are the primary mitigations. Until a fix is released, devices remain vulnerable [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- AvertX/Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838description
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- unit42.paloaltonetworks.com/avertx-ip-cameras-vulnerabilities/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.