Longwatch Your Back: Critical Code Injection Flaw in Video Systems!
Attention Longwatch users: your video surveillance system might be watching you! A vulnerability, CVE-2025-13658, allows for remote code execution with SYSTEM-level privileges. It’s like giving hackers a VIP pass to your surveillance party. Industrial Video & Control advises upgrading to version 6.335 or later to keep the gatecrashers out! View CSAF for more details.
Hot Take:
Longwatch may be great for keeping an eye on things, but who’s watching Longwatch? Apparently, not its developers! Instead of watching, they should be patching, because there’s a sneaky vulnerability ready to turn your video surveillance system into a hacker’s playground. Remember folks, if your code has more holes than Swiss cheese, you’re just begging for unwanted guests. Time to upgrade, or your surveillance system might just be surveilling you!
Key Points:
- Industrial Video & Control’s Longwatch has a code injection vulnerability.
- Unauthenticated attackers could gain remote code execution with SYSTEM privileges.
- Affected versions range from 6.309 to 6.334.
- Critical infrastructure sectors like Energy and Water are at risk.
- Mitigation includes upgrading to version 6.335 and using secure network practices.