
Hikvision 2021 Critical Vulnerability

September 23, 2021
in Hikvision

Hikvision officials have admitted that there’s a zero-click vulnerability in many of their security cameras and NVRs that could allow an unauthenticated attacker to gain full access to the device and possibly internal networks.

The researcher, dubbed ‘Watchful_IP’, has released details of the unauthenticated remote code execution (RCE) bug in certain products from Hikvision that bypasses the device’s username and password.

The vulnerability can be exploited to gain root access and take full control of a device. An attacker could also use compromised devices to access internal networks. “Given the deployment of these cameras at sensitive sites potentially even critical infrastructure is at risk,” the researcher warned.

In total, more than 70 Hikvision camera and NVR models are affected by the vulnerability, and according to IPVM, more than 100 million devices are impacted.

How does the Hikvision 2021 Critical Vulnerability work?

“Watchful_IP”, the researcher, describes it as simple to exploit: only access to the http(s) server port (typically 80/443) is needed. No username or password is needed, nor do any actions need to be initiated by the camera owner. It will not be detectable by any logging on the camera itself.

The researcher refused to release a full Proof of Concept, but Hikvision describes it as the result of “send[ing] a specially crafted message”. A CVE has been reserved (CVE-2021-36260).

The researcher claims that firmware has been susceptible to the bug since as far back as 2016. Hikvision has acknowledged the findings and has patched the issue. The company has also released a security advisory detailing which products are at risk.

A summary reads: “Due to the insufficient input validation, an attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.”

This vulnerability provides total control of the embedded computer in these devices, with unrestricted root shell access, according to Watchful_IP:

This permits an attacker to gain full control of a device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.

This means, as the researcher pointed out, that the vulnerability can be used to “access and attack” internal networks as well as to launch denial of service attacks across the Internet.

Are the OEM versions impacted by this vulnerability?

Yes, even the OEM versions are impacted. And because Hikvision cameras are so widespread, the vulnerability affects hundreds of brands worldwide. Check out the Hikvision OEM directory in this link.

The worst part is that many Hikvision OEM brands try to hide their relationship with Hikvision and pass the cameras off as their own, meaning they will disregard this vulnerability and many users will not even realize they are affected.

Affected versions and resolved version

Some of the affected versions are listed below. In practice, almost all Hikvision-branded and OEM cameras are prone to this vulnerability. If you have such a camera, you need to IMMEDIATELY update the firmware.

| Product name | Affected version(s) |
|---|---|
| DS-2CVxxx1, DS-2CVxxx5, DS-2CVxxx6 | Versions with a build time before 210625 |
| HWI-xxxx, IPC-xxxx, DS-2CD1xx1, DS-2CD1x23, DS-2CD1x43(B), DS-2CD1x43(C), DS-2CD1x43G0E, DS-2CD1x53(B), DS-2CD1x53(C), DS-2CD1xx7G0, DS-2CD2xx6G2, DS-2CD2xx7G2, DS-2CD2x21G0, DS-2CD2xx3G2, DS-2CD3xx6G2, DS-2CD3xx7G2, DS-2CD3xx7G0E, DS-2CD3x21G0, DS-2CD3x51G0, DS-2CD3xx3G2, DS-2CD4xx0, DS-2CD4xx6, DS-2CD5xx7, DS-2CD5xx5, iDS-2XM6810, iDS-2CD6810, DS-2XE62x7FWD(D), DS-2XE30x6FWD(B), DS-2XE60x6FWD(B), DS-2XE62x2F(D), DS-2XC66x5G0, DS-2XE64x2F(B), DS-2CD7xx6G0, DS-2CD8Cx6G0, KBA18(C)-83x6FWD, (i)DS-2DExxxx, (i)DS-2PTxxxx, (i)DS-2SE7xxxx, DS-2DYHxxxx, DS-DY9xxxx, PTZ-Nxxxx, HWP-Nxxxx, DS-2DF5xxxx, DS-2DF6xxxx, DS-2DF6xxxx-Cx, DS-2DF7xxxx, DS-2DF8xxxx, DS-2DF9xxxx, iDS-2PT9xxxx, iDS-2SK7xxxx, iDS-2SK8xxxx, iDS-2SR8xxxx, iDS-2VSxxxx, DS-2TBxxx, DS-Bxxxx, DS-2TDxxxxB, DS-2TD1xxx-xx, DS-2TD2xxx-xx, DS-2TD41xx-xx/Wx, DS-2TD62xx-xx/Wx, DS-2TD81xx-xx/Wx, DS-2TD4xxx-xx/V2, DS-2TD62xx-xx/V2, DS-2TD81xx-xx/V2 | Versions with a build time before 210702 |
| DS-76xxNI-K1xx(C), DS-76xxNI-Qxx(C), DS-HiLookI-NVR-1xxMHxx(C), DS-HiLookI-NVR-2xxMHxx(C), DS-HiWatchI-HWN-41xxMHxx(C), DS-HiWatchI-HWN-42xxMHxx(C) | V4.30.210 Build201224 – V4.31.000 Build210511 |
| DS-71xxNI-Q1xx(C), DS-HiLookI-NVR-1xxMHxx(C), DS-HiLookI-NVR-1xxHxx(C), DS-HiWatchI-HWN-21xxMHxx(C), DS-HiWatchI-HWN-21xxHxx(C) | V4.30.300 Build210221 – V4.31.100 Build210511 |
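Added example (not from this article or from Hikvision): a Python helper that reads a device's model, firmware version and build date from a deviceInfo XML document and checks them against the thresholds in the table above, so a fleet of cameras and NVRs can be triaged for the firmware update. The element names follow the shape of Hikvision's ISAPI deviceInfo response (assumed here), the sample documents are constructed, and the HiLook/HiWatch NVR variants are left out of the rules.

```python
import re
import xml.etree.ElementTree as ET

# Thresholds taken from the advisory table on this page: camera firmware whose
# build time (YYMMDD) is before the threshold is affected.
CAMERA_RULES = (
    (("DS-2CV",), 210625),
    (("HWI-", "IPC-", "DS-2CD", "iDS-2", "DS-2XE", "DS-2XC", "KBA18", "DS-2DE",
      "DS-2PT", "DS-2SE", "DS-2DYH", "DS-DY9", "PTZ-N", "HWP-N", "DS-2DF",
      "DS-2TB", "DS-B", "DS-2TD"), 210702),
)
# NVR ranges from the table: first and last affected (version, build), inclusive.
# The HiLook/HiWatch-branded NVR variants are omitted for brevity.
NVR_RULES = (
    (("DS-76",), ((4, 30, 210), 201224), ((4, 31, 0), 210511)),
    (("DS-71",), ((4, 30, 300), 210221), ((4, 31, 100), 210511)),
)

def _field(root, name):
    """Text of the first element with this local name (namespace ignored)."""
    for el in root.iter():
        if el.tag.split("}")[-1] == name:
            return (el.text or "").strip()
    return ""

def assess(device_info_xml):
    """Return 'affected', 'not affected' or 'unknown model' for a deviceInfo document."""
    root = ET.fromstring(device_info_xml)
    model = _field(root, "model")
    ver = re.search(r"V(\d+)\.(\d+)\.(\d+)", _field(root, "firmwareVersion"))
    build = re.search(r"(\d{6})", _field(root, "firmwareReleasedDate"))
    if not (ver and build):
        raise ValueError("firmware version or build date missing")
    version, build = tuple(int(x) for x in ver.groups()), int(build.group(1))
    for prefixes, lo, hi in NVR_RULES:        # NVRs: affected inside a version range
        if model.startswith(prefixes):
            return "affected" if lo <= (version, build) <= hi else "not affected"
    for prefixes, threshold in CAMERA_RULES:  # cameras: affected before a build date
        if model.startswith(prefixes):
            return "affected" if build < threshold else "not affected"
    return "unknown model"

# Constructed sample responses in the shape of an ISAPI deviceInfo document.
SAMPLE_CAMERA = """<DeviceInfo xmlns="http://www.hikvision.com/ver20/XMLSchema">
<model>DS-2CD2043G2-I</model><firmwareVersion>V5.5.800</firmwareVersion>
<firmwareReleasedDate>build 210416</firmwareReleasedDate></DeviceInfo>"""
SAMPLE_NVR = """<DeviceInfo xmlns="http://www.hikvision.com/ver20/XMLSchema">
<model>DS-7608NI-K1</model><firmwareVersion>V4.31.000</firmwareVersion>
<firmwareReleasedDate>build 210511</firmwareReleasedDate></DeviceInfo>"""
```

Calling `assess(SAMPLE_CAMERA)` or `assess(SAMPLE_NVR)` returns "affected" for both constructed devices; feed it the deviceInfo document of each device in your inventory to see which ones still need the update.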

© 2022 SecurityCamCenter.com / Security Tips and Tutorials