The web interface accepted older firmware images without checking the anti-rollback version. An attacker could downgrade to a version with known hardcoded credentials (V2.8.2), gain root access, then re-upgrade while keeping the backdoor.
| Partition | Function |
|-----------|----------|
| | U-Boot based; initializes hardware, checks integrity of kernel |
| Kernel | Custom Linux kernel (often 3.x or 4.x for older series; newer models use 5.x) |
| RootFS | SquashFS or UBIFS containing application binaries, web server, CGI scripts |
| Configuration | JFFS2 partition for user settings, network config, user database |
| Firmware Recovery | Minimal OS for fallback updates (critical for remote devices) |
| Action | Frequency | Tool |
|--------|-----------|------|
| Check for new firmware | Monthly | Pelco Support Portal |
| Test in staging environment | Each release | Virtual Pelco appliance or isolated switch |
| Verify signature before upload | Always | `openssl dgst -sha256 -verify pubkey.pem -signature sig.bin firmware.pgm` |
| Backup current config | Before each update | Web UI → Configuration → Export |
| Schedule update during maintenance window | Quarterly | PDMS |
| Validate after update | Post-reboot | Check version via SNMP OID .1.3.6.1.4.1.498.1.2.1.0 |

Affected: Pelco Spectra Series firmware V2.10.6 and earlier
Pelco released V2.12.0 with an anti-rollback counter. A firmware update now requires an explicit force parameter for a downgrade, and using it triggers an audit log event.
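The following is an added illustration of the control the fix describes, written for this page and not taken from Pelco's firmware. It models an update handler that keeps a monotonic anti-rollback counter (the highest version ever installed), rejects any image below that counter unless an explicit `force` flag is passed, and records a structured audit event either way. The `Device` class, the `accept_image` method, the event names and the decision to compare against the counter rather than the currently installed version are all assumptions for the example; the version strings follow the `V2.x.y` form used on this page. Comparing against the counter is what closes the hole in the original behaviour: after a forced downgrade to V2.8.2, a later "upgrade" to V2.10.6 is still below the counter and is still refused without `force`.

```python
"""Anti-rollback firmware acceptance check with forced-downgrade auditing.

Illustrative example (not Pelco code). Assumptions: the device stores a
monotonic counter `min_allowed` holding the highest version ever installed;
images below it need `force=True`, and every decision is written to an
audit log that an operator or SIEM can consume.
"""
import re
from dataclasses import dataclass, field

# Version strings on this page look like "V2.12.0"; accept an optional V prefix.
VERSION_RE = re.compile(r"^V?(\d+)\.(\d+)\.(\d+)$")


def parse_version(text: str) -> tuple[int, int, int]:
    """Turn 'V2.10.6' into (2, 10, 6) so versions compare numerically, not as strings."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(x) for x in m.groups())  # type: ignore[return-value]


@dataclass
class Device:
    installed: str            # version currently running
    min_allowed: str          # anti-rollback counter: highest version ever installed
    audit_log: list = field(default_factory=list)

    def _audit(self, event: str, **detail) -> None:
        """Append a structured audit record (constructed format for the example)."""
        self.audit_log.append({"event": event, **detail})

    def accept_image(self, image_version: str, force: bool = False,
                     actor: str = "web-admin") -> bool:
        """Decide whether an uploaded image may be installed.

        Returns True if the image is installed, False if it is rejected.
        The check is against the counter, not the running version, so a
        forced downgrade does not reopen the door for older images later.
        """
        new = parse_version(image_version)
        counter = parse_version(self.min_allowed)

        if new >= counter:
            # Normal path: at or above the counter. Install and raise the counter.
            self.installed = image_version
            if new > counter:
                self.min_allowed = image_version
            self._audit("FIRMWARE_INSTALLED", version=image_version, actor=actor)
            return True

        if not force:
            # Downgrade below the counter without the explicit force parameter.
            self._audit("DOWNGRADE_REJECTED", version=image_version,
                        counter=self.min_allowed, actor=actor)
            return False

        # Explicit, audited downgrade. The counter is deliberately NOT lowered.
        self.installed = image_version
        self._audit("FORCED_DOWNGRADE", version=image_version,
                    counter=self.min_allowed, actor=actor)
        return True


if __name__ == "__main__":
    dev = Device(installed="V2.12.0", min_allowed="V2.12.0")
    print("plain downgrade to V2.8.2:", dev.accept_image("V2.8.2"))          # False
    print("forced downgrade to V2.8.2:", dev.accept_image("V2.8.2", force=True))  # True
    print("upgrade to V2.10.6 after forced downgrade:", dev.accept_image("V2.10.6"))  # False
    for entry in dev.audit_log:
        print(entry)
```

In a real handler the `FORCED_DOWNGRADE` event is the one worth alerting on: a legitimate forced downgrade during a maintenance window is rare and planned, so an unexpected one from the web interface is a strong signal to investigate.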