Security Advisories
Release Date 7th September 2021. Overview Due to a recent "secure by design" architecture change of all Ava Camera. The decision was made to mo...
Tue, 7 Sep, 2021 at 9:09 AM
Release Date 7th September 2021. Overview Due to a vulnerability in the Go crypto/tls package, if Ava Aware or an Ava camera was to perform a secure TLS ...
Tue, 7 Sep, 2021 at 9:07 AM
Release Date 06 Sept 2021. Overview The iOS app persists data related to cameras, alarms etc. on the mobile device even after the user logs out. So if th...
Mon, 6 Sep, 2021 at 2:17 PM
Release Date 9th Aug 2021. Overview When running the camera in verbose debugging mode RTSP credentials may be logged. Affected Products Ava Cameras: ...
Mon, 9 Aug, 2021 at 9:49 AM
Release Date 14th July 2021. Overview An API endpoint of the Ava Camera could be used to view some internal metrics of the camera without authentication....
Wed, 14 Jul, 2021 at 10:36 AM
Release Date 12th July. Overview This is an extension of Ava-418 which contains various security patches to internal API, physical Access Control integra...
Mon, 12 Jul, 2021 at 2:25 PM
Release Date 18th June 2021. Overview Due to a vulnerability in the Go `archive/zip` package, an authenticated Aware user with the permission to Add/Edit...
Mon, 21 Jun, 2021 at 5:42 PM
Release Date 21st June 2021 Overview If malicious HTTP server sends a response with very large headers, this can cause a stack overflow leading to a pani...
Mon, 21 Jun, 2021 at 3:54 PM
Release Date 25th May 2021. Overview An authenticated Ava Aware user with the relevant webhook edit permission would have been able to craft a malicious
...
Fri, 4 Jun, 2021 at 2:28 PM
Release Date 26th May 2021. Overview An authenticated Ava Aware user could create and delete rules and counting
areas without the appropriate permissions...
Fri, 4 Jun, 2021 at 2:27 PM