Axis Communications Not Affected

Notified:  February 09, 2016 Updated: February 12, 2016

Statement Date:   February 12, 2016

Status

Not Affected

Vendor Statement

"Axis does not use nor include any of the code or products [RaySharp] described".

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

COP USA Unknown

Notified:  September 09, 2015 Updated: February 17, 2016

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

CWD Unknown

Notified:  September 23, 2015 Updated: February 17, 2016

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

CWD makes Defender-USA products.

Hanwha Not Affected

Notified:  February 09, 2016 Updated: February 12, 2016

Statement Date:   February 12, 2016

Status

Not Affected

Vendor Statement

"Our product do not use firmware from Zhuhai RaySharp."

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

KGuard Security Unknown

Notified:  September 09, 2015 Updated: February 17, 2016

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Konig Electronics Unknown

Notified:  September 23, 2015 Updated: February 17, 2016

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Lorex Corporation Unknown

Notified:  September 09, 2015 Updated: February 17, 2016

Status

Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Swann Affected

Notified:  September 22, 2015 Updated: February 19, 2016

Statement Date:   February 19, 2016

Status

Affected

Vendor Statement

"We are reaching out to Raysharp for firmware updates to further secure the older units but as the technology they were based on is now well and truly out of production this will take some time. Until such time as Swann are able to secure updated firmware for these models we recommend that the units are disconnected from the user's network to prevent malicious access. If the user requires remote access to their unit then we recommend that the user changes the numbers of the internal network "Ports" to use non-standard values that are not easily discovered and make random access very difficult. Swann's Tech Center can help guide users through this process if necessary."

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

While some Swann models use Raysharp code, Swann has stated that they do not use the same default hard-coded credentials provided by Raysharp. However, the credentials are still hard-coded.

Zhuhai RaySharp Affected

Notified:  September 09, 2015 Updated: February 17, 2016

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.