Hikvision IP Cameras Vulnerability

Last Update Date: 8 May 2017 10:55 Release Date: 8 May 2017 3865 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in Hikvision IP Cameras, which can be exploited by remote attacker to bypass authentication on the target system.

Impact

Elevation of Privilege
Security Restriction Bypass
Information Disclosure

System / Technologies affected

DS-2CD2xx2F-I Series
- V5.2.0 build 140721 to V5.4.0 build 160530
DS-2CD2xx0F-I Series
- V5.2.0 build 140721 to V5.4.0 Build 160401
DS-2CD2xx2FWD Series
- V5.3.1 build 150410 to V5.4.4 Build 161125
DS- 2CD4x2xFWD Series
- V5.2.0 build 140721 to V5.4.0 Build 160414
DS-2CD4xx5 Series
- V5.2.0 build 140721 to V5.4.0 Build 160421
DS-2DFx Series
- V5.2.0 build 140805 to V5.4.5 Build 160928
DS-2CD63xx Series
- V5.0.9 build 140305 to V5.3.5 Build 160106

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Update to fixed firmware version

Vulnerability Identifier

Source

US-CERT

Related Link

https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01

Share with

Dahua Digital Video Recorders and IP Cameras Vulnerability

8 May 2017 3269 Views

Microsoft Remote Code Execution Vulnerability

9 May 2017 3397 Views