Samsung Affected

Notified:  June 05, 2013 Updated: October 03, 2013

Status

Affected

Vendor Statement

Pursuant to the security vulnerability issue identified in CERT security notification VU#882286 Samsung Techwin has developed and released firmware to address said vulnerability by removing the cookie upon user log-out. The affected models, firmware versions and URL links are listed below. The firmware download and installation process is contained in the product User Manual. Technical support is available at 1-877-213-1222 and at the Samsung website, https://www.samsung-security.com/ Model Uploaded F/W F/W Download URL Link (click F/W tab) SRD-1640/840 srd-164x-t1-pkg_v1.20h_130905211340.img https://www.samsung-security.com/en/products/video-recording-and-management/dvr/16-channel/SRD-1640.aspx SRD-440/442 srd-440x-t1-pkg_v1.20h_130905211626.img https://www.samsung-security.com/products/video-recording-and-management/dvr/4-channel/SRD-440.aspx SRD-1670/1650/870/850 srd-167x-t7-pkg_v1.30h_130906171722.img https://www.samsung-security.com/products/video-recording-and-management/dvr/16-channel/SRD-1670DC.aspx SRD-1630/830/1610 srd-163x-t7-pkg_v1.30h_130906171722.img https://www.samsung-security.com/products/video-recording-and-management/dvr/16-channel/SRD-1630D.aspx SRD-470 srd-470x-t7-pkg_v1.30h_130906171722.img https://www.samsung-security.com/products/video-recording-and-management/dvr/4-channel/SRD-470D.aspx SRD-1652D/852D srd-165x-t7-pkg_v1.30h_130906171813.img https://www.samsung-security.com/products/video-recording-and-management/dvr/16-channel/SRD-1652D.aspx SRD-1673/873/1653 srd-1673-t1-pkg_v1.20h_130909203036.img https://www.samsung-security.com/products/video-recording-and-management/dvr/16-channel/SRD-1673D.aspx SRD-1654/854/473** srd-1654-t1-pkg_v1.10h_130909203103.img http://www.samsungsecurity.com/product/product_view.asp?idx=6922&cid=64&clvl=0#FL060000 ** This models series is not released in the North America market.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References