{"id":28738,"date":"2022-07-02T05:11:07","date_gmt":"2022-07-02T10:11:07","guid":{"rendered":"https:\/\/learncctv.com\/?p=28738"},"modified":"2022-07-18T15:42:20","modified_gmt":"2022-07-18T20:42:20","slug":"hikvision-critical-vulnerability","status":"publish","type":"post","link":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/","title":{"rendered":"Hikvision Critical Vulnerability [ Important ]"},"content":{"rendered":"\n

Hikvision administrators have claimed there is “a zero-click vulnerability” in the majority of their security cameras. In this article, you’ll learn about Hikvision Critical Vulnerability.<\/p>\n\n\n\n

Additionally, there is a possibility that an unauthenticated hacker can gain access to your NVR and even internal networks. Details of said Remote Code Execution (RCE) bug in certain Hikvision products that can bypass usernames and passwords have been leaked.<\/p>\n\n\n\n

This exposure can be exploited to the point of gaining access to a device and being able to control it. A hacker can also use said compromised devices to gain further access to internal networks.<\/p>\n\n\n\n

Overall, more than 70 Hikvision cameras<\/a> and NVRs are exposed to this critical vulnerability. And more than 100 million devices were affected by the issue. Want to find out more about the topic? Check out: Are Hikvision cameras secure?<\/a><\/p>\n\n\n\n

How does the Hikvision Critical Vulnerability work?<\/h2>\n\n\n\n

Usually, access to the HTTPS <\/em>server port is the only thing needed. Typically the 80\/443 <\/em>server port is used to target <\/em>Hikvision Critical Vulnerability.<\/p>\n\n\n\n

Passwords and usernames are not necessary for an attacker to target the camera. Plus, they do not rely on the user for any action. And cannot be detected once they log into the camera. <\/p>\n\n\n\n

This vulnerability to bugs has been present in the firmware since 2016 and has been both acknowledged and repaired by Hikvision. The brand also released a security advisory to alert users of at-risk products.<\/p>\n\n\n\n

Why Hikvision Critical Vulnerability happens<\/h3>\n\n\n\n

Because there is insufficient input validation, an attacker can take advantage of this flaw by submitting messages that include malicious commands to initiate a command attack. <\/p>\n\n\n\n

According to Watchful-IP, this flaw enables complete control of the embedded computer and unlimited root access. <\/p>\n\n\n\n

The device owner is only allowed to use a limited “protected shell” (psh), which restricts input to a pre-determined list of limited, vastly informative commands. Yet the attacker can acquire complete control of the device with an unlimited root shell.<\/p>\n\n\n\n

This means that internal networks may also be “accessed and attacked” using the vulnerability.<\/p>\n\n\n\n

Does this vulnerability affect OEM versions? <\/h3>\n\n\n\n

Yes, there will be effects on the OEM versions. Actually, this flaw affects practically all OEM and Hikvision-branded cameras. <\/p>\n\n\n\n

Additionally, hundreds of brands throughout the world will be impacted by the vulnerability since Hikvision cameras<\/a> are so widely used. <\/p>\n\n\n\n

Moreover, the worst thing is that many OEM brands for Hikvision attempt to conceal their affiliation with Hikvision and pass the cameras off as their own, which means they’ll ignore this vulnerability, and many consumers won’t even be aware of it. <\/p>\n\n\n\n

Versions Impacted<\/h2>\n\n\n\n

Below is a list of some of the impacted versions. If you own a camera model listed, its firmware must be updated IMMEDIATELY<\/strong>.<\/p>\n\n\n\n

Product name<\/strong><\/td>Affected version(s)<\/strong><\/td><\/tr>
DS-2CD1x23
DS-2CD1x43(B)
DS-2CD1x43(C)
DS-2CD1x43G0E
DS-2CD1x53(B)
DS-2CD1x53(C)
DS-2CD1xx1
DS-2CD1xx7G0
DS-2CD2x21G0
DS-2CD2xx3G2
DS-2CD2xx6G2
DS-2CD2xx7G2
DS-2CD3x21G0
DS-2CD3x51G0
DS-2CD3xx3G2
DS-2CD3xx6G2
DS-2CD3xx7G0E
DS-2CD3xx7G2
DS-2CD4xx0
DS-2CD4xx6
DS-2CD5xx5
DS-2CD5xx7
DS-2CD7xx6G0
DS-2CD8Cx6G0
DS-2CVxxx1
DS-2CVxxx5
DS-2CVxxx6
DS-2DF5xxxx
DS-2DF6xxxx
DS-2DF6xxxx-Cx
DS-2DF7xxxx
DS-2DF8xxxx
DS-2DF9xxxx
DS-2DYHxxxx
DS-2XC66x5G0
DS-2XE30x6FWD(B)
DS-2XE60x6FWD(B)
DS-2XE62x2F(D)
DS-2XE62x7FWD(D)
DS-2XE64x2F(B)
DS-DY9xxxx
HWI-xxxx
HWP-Nxxxx
IPC-xxxx
KBA18(C)-83x6FWD
PTZ-Nxxxx
iDS-2CD6810
iDS-2DExxxx
iDS-2PT9xxxx
iDS-2PTxxxx
iDS-2SE7xxxx
iDS-2SK7xxxx
iDS-2SK8xxxx
iDS-2SR8xxxx
iDS-2VSxxxx
iDS-2XM6810<\/td>		Versions which Build time before 210625<\/td><\/tr>
DS-2TBxxx
DS-2TD1xxx-xx
DS-2TD2xxx-xx
DS-2TD41xx-xx\/Wx
DS-2TD4xxx-xx\/V2
DS-2TD62xx-xx\/V2
DS-2TD62xx-xx\/Wx
DS-2TD81xx-xx\/V2
DS-2TD81xx-xx\/Wx
DS-2TDxxxxB
DS-Bxxxx<\/td>		Versions which Build time before 210702<\/td><\/tr>
DS-76xxNI-K1xx(C)
DS-76xxNI-Qxx(C)
DS-HiLookI-NVR-1xxMHxx(C)
DS-HiLookI-NVR-2xxMHxx(C)
DS-HiWatchI-HWN-41xxMHxx(C)
DS-HiWatchI-HWN-42xxMHxx(C)<\/td>		V4.30.210 Build201224 \u2013 V4.31.000 Build210511<\/td><\/tr>
DS-71xxNI-Q1xx(C)
DS-HiLookI-NVR-1xxHxx(C)
DS-HiLookI-NVR-1xxMHxx(C)
DS-HiWatchI-HWN-21xxHxx(C)
DS-HiWatchI-HWN-21xxMHxx(C)<\/td>		V4.30.300 Build210221 \u2013 V4.31.100 Build210511<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

Final Thoughts<\/h2>\n\n\n\n

Though Hikvision Critical Vulnerability can be a downside to its products, it does not reflect on the company as a whole as its lineup of products is worth investing in.<\/p>\n\n\n\n

Furthermore, it would be best if you always protected yourself and placed cameras in areas that do not expose your privacy on the occasion that someone can access the footage. Never place any cameras in bedrooms, bathrooms, or other private spaces.<\/p>\n","protected":false},"excerpt":{"rendered":"

Hikvision administrators have claimed there is “a zero-click vulnerability” in the majority of their security cameras. In this article, you’ll learn about Hikvision Critical Vulnerability. Additionally, there is a possibility that an unauthenticated hacker can gain access to your NVR and even internal networks. Details of said Remote Code Execution (RCE) bug in certain Hikvision […]<\/p>\n","protected":false},"author":4,"featured_media":23488,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[118,212],"tags":[],"class_list":["post-28738","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cctv","category-hikvision"],"yoast_head":"\nHikvision Critical Vulnerability [ Important ] - Learn CCTV.com<\/title>\n<meta name=\"description\" content=\"In this article, you'll learn about Hikvision Critical Vulnerability and why it is incredibly dangerous to you and your devices.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hikvision Critical Vulnerability [ Important ] - Learn CCTV.com\" \/>\n<meta property=\"og:description\" content=\"In this article, you'll learn about Hikvision Critical Vulnerability and why it is incredibly dangerous to you and your devices.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/\" \/>\n<meta property=\"og:site_name\" content=\"Learn CCTV.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/learncctvnow\" \/>\n<meta property=\"article:published_time\" content=\"2022-07-02T10:11:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-07-18T20:42:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"450\" \/>\n\t<meta property=\"og:image:height\" content=\"614\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Amanda Martins\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Amanda Martins\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/\",\"url\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/\",\"name\":\"Hikvision Critical Vulnerability [ Important ] - Learn CCTV.com\",\"isPartOf\":{\"@id\":\"https:\/\/learncctv.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg\",\"datePublished\":\"2022-07-02T10:11:07+00:00\",\"dateModified\":\"2022-07-18T20:42:20+00:00\",\"author\":{\"@id\":\"https:\/\/learncctv.com\/#\/schema\/person\/e8f65b25da2fd6dc8d91b835e2f22c25\"},\"description\":\"In this article, you'll learn about Hikvision Critical Vulnerability and why it is incredibly dangerous to you and your devices.\",\"breadcrumb\":{\"@id\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#primaryimage\",\"url\":\"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg\",\"contentUrl\":\"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg\",\"width\":450,\"height\":614,\"caption\":\"Hikvision Cube Wireless camera\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/learncctv.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hikvision Critical Vulnerability [ Important ]\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/learncctv.com\/#website\",\"url\":\"https:\/\/learncctv.com\/\",\"name\":\"Learn CCTV.com\",\"description\":\"The place where you can learn CCTV\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/learncctv.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/learncctv.com\/#\/schema\/person\/e8f65b25da2fd6dc8d91b835e2f22c25\",\"name\":\"Amanda Martins\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/learncctv.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6ab65fed62f43e85fb55dfaf83803523?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6ab65fed62f43e85fb55dfaf83803523?s=96&d=mm&r=g\",\"caption\":\"Amanda Martins\"},\"url\":\"https:\/\/learncctv.com\/author\/amandamartinsusagmail-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hikvision Critical Vulnerability [ Important ] - Learn CCTV.com","description":"In this article, you'll learn about Hikvision Critical Vulnerability and why it is incredibly dangerous to you and your devices.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/","og_locale":"en_US","og_type":"article","og_title":"Hikvision Critical Vulnerability [ Important ] - Learn CCTV.com","og_description":"In this article, you'll learn about Hikvision Critical Vulnerability and why it is incredibly dangerous to you and your devices.","og_url":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/","og_site_name":"Learn CCTV.com","article_publisher":"https:\/\/www.facebook.com\/learncctvnow","article_published_time":"2022-07-02T10:11:07+00:00","article_modified_time":"2022-07-18T20:42:20+00:00","og_image":[{"width":450,"height":614,"url":"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg","type":"image\/jpeg"}],"author":"Amanda Martins","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Amanda Martins","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/","url":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/","name":"Hikvision Critical Vulnerability [ Important ] - Learn CCTV.com","isPartOf":{"@id":"https:\/\/learncctv.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#primaryimage"},"image":{"@id":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#primaryimage"},"thumbnailUrl":"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg","datePublished":"2022-07-02T10:11:07+00:00","dateModified":"2022-07-18T20:42:20+00:00","author":{"@id":"https:\/\/learncctv.com\/#\/schema\/person\/e8f65b25da2fd6dc8d91b835e2f22c25"},"description":"In this article, you'll learn about Hikvision Critical Vulnerability and why it is incredibly dangerous to you and your devices.","breadcrumb":{"@id":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/learncctv.com\/hikvision-critical-vulnerability\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#primaryimage","url":"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg","contentUrl":"https:\/\/learncctv.com\/wp-content\/uploads\/2021\/03\/Hikvision-Cube-Wireless-camera1.jpg","width":450,"height":614,"caption":"Hikvision Cube Wireless camera"},{"@type":"BreadcrumbList","@id":"https:\/\/learncctv.com\/hikvision-critical-vulnerability\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/learncctv.com\/"},{"@type":"ListItem","position":2,"name":"Hikvision Critical Vulnerability [ Important ]"}]},{"@type":"WebSite","@id":"https:\/\/learncctv.com\/#website","url":"https:\/\/learncctv.com\/","name":"Learn CCTV.com","description":"The place where you can learn CCTV","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/learncctv.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/learncctv.com\/#\/schema\/person\/e8f65b25da2fd6dc8d91b835e2f22c25","name":"Amanda Martins","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/learncctv.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6ab65fed62f43e85fb55dfaf83803523?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6ab65fed62f43e85fb55dfaf83803523?s=96&d=mm&r=g","caption":"Amanda Martins"},"url":"https:\/\/learncctv.com\/author\/amandamartinsusagmail-com\/"}]}},"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/posts\/28738"}],"collection":[{"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/comments?post=28738"}],"version-history":[{"count":4,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/posts\/28738\/revisions"}],"predecessor-version":[{"id":28800,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/posts\/28738\/revisions\/28800"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/media\/23488"}],"wp:attachment":[{"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/media?parent=28738"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/categories?post=28738"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/learncctv.com\/wp-json\/wp\/v2\/tags?post=28738"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}