gSOAP Devils Ivy Notice

August 8, 2017

This important alert is concerning certain systems and devices leveraging communications software known as “gSOAP” from Genivia, Inc., that may be vulnerable to a bug that can be remotely exploited to gain control of an affected system or cause a denial of service attack.

Certain systems and devices leveraging communications software known as “gSOAP” from Genivia, Inc. may be vulnerable to a bug that can be remotely exploited to gain control of an affected system or cause a denial of service attack. This vulnerability is commonly known as “Devil’s Ivy.” The most current information can be found at the NIST Website.

Manufacturers of network cameras and other [primarily] Linux-based devices that use this software are in the process of identifying affected products and releasing patches.

It is important to check with the manufacturer(s) of affected and suspect systems directly, and apply updates per their recommendations. As of the date of this post, Vector is aware of statements from the following manufacturers:

  • Arecont: Not affected
  • Avigilon: Affected. Patches released.
  • Axis: Affected. Patches released.
  • Bosch: Not affected
  • Exacq: Affected. Patches pending.
  • Ganz: Not affected
  • Genetec: Not affected
  • Hanwha: Not vulnerable
  • Hikvision: Not affected
  • Milestone: Affected. Patches pending.
  • Panasonic: Not affected
  • Pelco: Not vulnerable
  • Vivotek: Not affected

Vector Security is available to assist with patching or upgrading systems. For details, or to schedule a service appointment, please contact your local representative or our corporate office.

About Vector Security

For nearly 50 years, Vector Security, Inc. (www.vectorsecurity.com) has been a premier provider of intelligent security solutions tailored to the needs of the customer. Headquartered in Pittsburgh, the company offers a full suite of electronic security services for residential, business and national account customers across North America and the Caribbean through a network of branches, authorized dealers and their ADS Security division. The Vector Security Networks division offers customized physical security and managed network services to multi-site commercial customers. Vector Security is a sister company of the Philadelphia Contributionship, a mutual insurance company founded in 1752, and currently provides cost-effective, technology-based security and automation solutions to nearly 400,000 homes and businesses across 58 branch locations.