Researchers from FortiGuard Labs are alerting the public to an increase in malicious attacks against TBK DVR devices. Threat actors are attempting to take advantage of a TBK DVR device vulnerability that has been tracked for five years as CVE-2018-9995. A mistake made handling an HTTP cookie that was purposefully created maliciously is the cause of the CVE-2018-9995 issue. The vulnerability allows a remote attacker to take advantage of administrative rights and eventually access camera video feeds.
For the security of critical infrastructure sites, TBK Vision is a video surveillance company that offers network CCTV systems and other associated technology, including DVRs. The company claims to have installed more than 600,000 cameras and 50,000 recorders worldwide in a variety of industries, including banking, retail, government, etc.