Critical security vulnerability for Axis products

A critical security vulnerability has been discovered for Axis Communication Inc. products that allow attackers to gain root access without proper authentication.

July 18, 2016

A critical security vulnerability has been discovered for Axis Communication Inc. products that allow attackers to gain root access without proper authentication. Axis has published firmware service releases for the majority of its products to protect against this vulnerability.  

The Genetec products that are affected by this vulnerability include the Security Center Omnicast™ video management system, the Synergis™ access control system as well as the Stratocast™ cloud-based video monitoring system. 

Following the release of the new firmware from Axis, Genetec has tested the compatibility with its entire product portfolio. Genetec now officially supports this new firmware and the included security updates. Clients can now safely update any Axis products affected by this vulnerability.

Please refer to the vulnerability report CVE-2016-AXIS-0705 Remote Format String on the Axis Product Security webpage for the complete list of affected products and firmware.  

Please refer to the Genetec Supported Device List for the exact firmware supported by Security Center.  

Please refer to the Stratocast Supported Device List for the exact firmware supported by Stratocast.