Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
39 vulnerabilities
CVE-2026-32684 (GCVE-0-2026-32684)
Vulnerability from cvelistv5 – Published: 2026-05-12 10:51 – Updated: 2026-06-02 16:04
VLAI
Summary
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | Hik-Connect APP |
Affected:
V6.10.x
Unaffected: V6.12.0 |
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T12:06:07.612844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-02T16:04:38.256Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Hik-Connect APP",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V6.10.x"
},
{
"status": "unaffected",
"version": "V6.12.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yi\u011fithan Y\u00fcceda\u011f"
}
],
"descriptions": [
{
"lang": "en",
"value": "The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T10:51:08.585Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://pinfo.hikvision.com/hkwsen/unzip/20260511114030_14652_doc/GUID-A47A8570-631E-4F62-BCEE-37E9F2983DD7.html"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-32684",
"datePublished": "2026-05-12T10:51:08.585Z",
"dateReserved": "2026-03-13T07:45:08.745Z",
"dateUpdated": "2026-06-02T16:04:38.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-32683 (GCVE-0-2026-32683)
Vulnerability from cvelistv5 – Published: 2026-05-09 08:29 – Updated: 2026-05-12 22:31
VLAI
Summary
Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video encryption feature.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
Impacted products
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-32683",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T17:29:08.128087Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T22:31:10.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "EZVIZ APP",
"vendor": "EZVIZ",
"versions": [
{
"status": "affected",
"version": "iOS: Versions prior to 7.3.1"
},
{
"status": "affected",
"version": "Android: Versions prior to 7.3.0.0210"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cisco Talos"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to obtain data.Users are advised to upgrade the app to the latest version and enable the video encryption feature."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-09T08:29:09.821Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.ezviz.com/inter/trust-center/security/security-notice/2026.05.08"
},
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-cloud-function-modules-of-some-hikvisi/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-32683",
"datePublished": "2026-05-09T08:29:09.821Z",
"dateReserved": "2026-03-13T07:45:08.744Z",
"dateUpdated": "2026-05-12T22:31:10.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-3828 (GCVE-0-2026-3828)
Vulnerability from cvelistv5 – Published: 2026-05-09 08:27 – Updated: 2026-05-11 15:22
VLAI
Summary
Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-3E1310P-SI |
Affected:
Versions below V1.2.4_210623 (including V1.2.4_210623)
|
|
| Hikvision | DS-3E1318P-SI |
Affected:
Versions below V1.2.0_210823 (including V1.2.0_210823)
|
|
| Hikvision | DS-3E1326P-SI |
Affected:
Versions below V1.2.0_210823 (including V1.2.0_210823)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-3828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T15:22:31.962279Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T15:22:55.314Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-3E1310P-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.2.4_210623 (including V1.2.4_210623)"
}
]
},
{
"product": "DS-3E1318P-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.2.0_210823 (including V1.2.0_210823)"
}
]
},
{
"product": "DS-3E1326P-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.2.0_210823 (including V1.2.0_210823)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Thiago Torres (torresm)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-09T08:27:55.964Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/command-execution-vulnerability-in-some-hikvision-switch-product/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-3828",
"datePublished": "2026-05-09T08:27:55.964Z",
"dateReserved": "2026-03-09T09:20:38.428Z",
"dateUpdated": "2026-05-11T15:22:55.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-1749 (GCVE-0-2026-1749)
Vulnerability from cvelistv5 – Published: 2026-05-09 08:27 – Updated: 2026-05-11 15:21
VLAI
Summary
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity
6.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
V2.4.0~V3.0.1
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-1749",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-11T15:21:36.019611Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T15:21:55.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V2.4.0~V3.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ayoub ELMOKHTAR from the Offensive Security Team (Noon)"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-09T08:27:15.849Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-hikcentral-professional/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-1749",
"datePublished": "2026-05-09T08:27:15.849Z",
"dateReserved": "2026-02-02T02:00:26.271Z",
"dateUpdated": "2026-05-11T15:21:55.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22626 (GCVE-0-2026-22626)
Vulnerability from cvelistv5 – Published: 2026-01-30 11:03 – Updated: 2026-02-27 14:37
VLAI
Summary
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavior by crafting specific messages.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-233 - Improper Handling of Parameters
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HIKSEMI | HS-AFS-S1H1 |
Affected:
V5.10.10_Build_251126
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22626",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T12:40:22.043403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233 Improper Handling of Parameters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T14:37:37.094Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HS-AFS-S1H1",
"vendor": "HIKSEMI",
"versions": [
{
"status": "affected",
"version": "V5.10.10_Build_251126"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jincheng Wang"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can cause abnormal device behavior by crafting specific messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T11:03:29.709Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hiksemitech.com/en/hiksemi/support/security-advisory.html"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-22626",
"datePublished": "2026-01-30T11:03:29.709Z",
"dateReserved": "2026-01-08T05:37:27.997Z",
"dateUpdated": "2026-02-27T14:37:37.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22625 (GCVE-0-2026-22625)
Vulnerability from cvelistv5 – Published: 2026-01-30 11:03 – Updated: 2026-02-27 14:42
VLAI
Summary
Improper handling of filenames in certain HIKSEMI NAS products may lead to the exposure of sensitive system files.
Severity
4.6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HIKSEMI | HS-AFS-S1H1 |
Affected:
V5.10.10_Build_251126
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22625",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T12:41:35.848702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T14:42:08.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HS-AFS-S1H1",
"vendor": "HIKSEMI",
"versions": [
{
"status": "affected",
"version": "V5.10.10_Build_251126"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jincheng Wang"
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper handling of filenames in certain HIKSEMI NAS products may lead to the exposure of sensitive system files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T11:03:14.801Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hiksemitech.com/en/hiksemi/support/security-advisory.html"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-22625",
"datePublished": "2026-01-30T11:03:14.801Z",
"dateReserved": "2026-01-08T05:37:27.997Z",
"dateUpdated": "2026-02-27T14:42:08.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22624 (GCVE-0-2026-22624)
Vulnerability from cvelistv5 – Published: 2026-01-30 11:03 – Updated: 2026-02-27 14:44
VLAI
Summary
Due to inadequate access control, authenticated users of certain HIKSEMI NAS products can manipulate other users' file resources without proper authorization.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HIKSEMI | HS-AFS-S1H1 |
Affected:
V5.10.10_Build_251126
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22624",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T12:43:48.203961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T14:44:15.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HS-AFS-S1H1",
"vendor": "HIKSEMI",
"versions": [
{
"status": "affected",
"version": "V5.10.10_Build_251126"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jincheng Wang"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to inadequate access control, authenticated users of certain HIKSEMI NAS products can manipulate other users\u0027 file resources without proper authorization."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T11:03:02.811Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hiksemitech.com/en/hiksemi/support/security-advisory.html"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-22624",
"datePublished": "2026-01-30T11:03:02.811Z",
"dateReserved": "2026-01-08T05:37:27.997Z",
"dateUpdated": "2026-02-27T14:44:15.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-22623 (GCVE-0-2026-22623)
Vulnerability from cvelistv5 – Published: 2026-01-30 11:02 – Updated: 2026-02-27 14:45
VLAI
Summary
Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can execute arbitrary commands on the device by crafting specific messages.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HIKSEMI | HS-AFS-S1H1 |
Affected:
V5.10.10_Build_251126
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-22623",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T12:44:59.407089Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T14:45:19.674Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HS-AFS-S1H1",
"vendor": "HIKSEMI",
"versions": [
{
"status": "affected",
"version": "V5.10.10_Build_251126"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jincheng Wang"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can execute arbitrary commands on the device by crafting specific messages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T11:02:26.539Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hiksemitech.com/en/hiksemi/support/security-advisory.html"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-22623",
"datePublished": "2026-01-30T11:02:26.539Z",
"dateReserved": "2026-01-08T05:37:27.997Z",
"dateUpdated": "2026-02-27T14:45:19.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0709 (GCVE-0-2026-0709)
Vulnerability from cvelistv5 – Published: 2026-01-30 11:01 – Updated: 2026-02-27 14:49
VLAI
Summary
Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-3WAP521-SI |
Affected:
V1.1.6303 build250812 and earlier
|
|
| Hikvision | DS-3WAP522-SI |
Affected:
V1.1.6303 build250812 and earlier
|
|
| Hikvision | DS-3WAP621E-SI |
Affected:
V1.1.6303 build250812 and earlier
|
|
| Hikvision | DS-3WAP622E-SI |
Affected:
V1.1.6303 build250812 and earlier
|
|
| Hikvision | DS-3WAP623E-SI |
Affected:
V1.1.6303 build250812 and earlier
|
|
| Hikvision | DS-3WAP622G-SI |
Affected:
V1.1.6303 build250812 and earlier
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-30T12:13:24.741883Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-27T14:49:22.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-3WAP521-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.6303 build250812 and earlier"
}
]
},
{
"product": "DS-3WAP522-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.6303 build250812 and earlier"
}
]
},
{
"product": "DS-3WAP621E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.6303 build250812 and earlier"
}
]
},
{
"product": "DS-3WAP622E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.6303 build250812 and earlier"
}
]
},
{
"product": "DS-3WAP623E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.6303 build250812 and earlier"
}
]
},
{
"product": "DS-3WAP622G-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.6303 build250812 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "exzettabyte"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Hikvision Wireless Access Points are vulnerable to authenticated command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-30T11:01:55.633Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/command-execution-vulnerability-in-some-hikvision-wireless-access-point-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2026-0709",
"datePublished": "2026-01-30T11:01:55.633Z",
"dateReserved": "2026-01-08T05:49:12.677Z",
"dateUpdated": "2026-02-27T14:49:22.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66177 (GCVE-0-2025-66177)
Vulnerability from cvelistv5 – Published: 2026-01-13 01:47 – Updated: 2026-01-13 17:27
VLAI
Summary
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
1 reference
Impacted products
99 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-96xxxNI-Hx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxxNI-Ix |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxNXI-Sx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxxNXI-Sx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-Mx/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxNXI-Mx/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNI-Mx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNI-Mx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxNXI-Mx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxxNXI-Mx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-86xxxNXI-Mx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-Ix/S |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNXI-Ix/S |
Affected:
Build date before 250807
|
|
| Hikvision | DS-86xxNXI-Ix/S |
Affected:
Build date before 250807
|
|
| Hikvision | DS-96xxNXI-Ix/S |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-Ix/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNXI-Ix/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-Kx(/xP) including(D)、(E)、(B) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNXI-Kx(/xP) including(D)、(E)、(B) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-Kx(/xP)/Vpro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNXI-Kx(/xP)/Vpro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNI-Qx(/xP) including(D)、(E) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-71xxNI-Q1(/xP)/M |
Affected:
Build date before 250807
|
|
| Hikvision | DS-71xxNI-Q1(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-710xNI-G1/(xP)/M |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNI-Q1(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNI-Q2(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-K1(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-K2(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNXI-K4(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-86xxNXI-K8(/xP) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-K1(/xP)/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-76xxNXI-K2(/xP)/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | DS-77xxNXI-K4(/xP)/VPro |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-71xxHGHI-M1(/T) |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHGHI-M1(/T) |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-71xxHQHI-M1(/T) |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHQHI-M1(/T) |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHQHI-Mx/XT |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHUHI-Mx/XT |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHTHI-Mx/XT |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-90xxHUHI-M8/S(S) |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-73xxHUHI-M4/S(S) |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-81xxHUHI-M8/S(S) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-71xxHGHI-M1(/T) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-72xxHGHI-M1(/T) |
Affected:
Build date before 250807
|
|
| Hikvision | DS-ExxHGHI-xx |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-71xxHQHI-M1/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHQHI-M1/E |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-71xxHQHI-M1/T |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHQHI-M1/T |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-73xxHQHI-M4/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-81xxHQHI-M8/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-90xxHQHI-M8/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-ExxHQHI-xx |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-71xxHUHI-M1/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHUHI-M1/E |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHUHI-M1/T |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHUHI-Mx/X |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-72xxHUHI-Mx/PXT |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-73xxHUHI-M4/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-90xxHUHI-M8/S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-ExxHUHI-xx |
Affected:
Build date before 250807
|
|
| Hikvision | DS-A806xxSI |
Affected:
Build date before 250807
|
|
| Hikvision | DS-AT1000SI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxxNXI-Hx |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96064NXI-I16 |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxxNXI-Ix/AI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-67xxNXI-Mx/X |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-76xxNXI-Mx/X |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-77xxNXI-Mx/X |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxNXI-Mx/X |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxxNXI-Mx/X |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxxNXI-Hx/AI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxNXI-Mx/AI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-67xxNXI-Mx/AI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-67xxxNXI-Mx/AI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-67xxNXI-S/T |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-67xxNXI-S |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-6704NXI/AI |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-67xxNXI-P1 |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-7608NXI-P2 |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-77xxNXI-P4 |
Affected:
Build date before 250807
|
|
| Hikvision | iDS-96xxNXI-Px |
Affected:
Build date before 250807
|
|
| Hikvision | DS-2CD1xxxG2 |
Affected:
Versions below V5.7.13_230822 (including V5.7.13_230822)
|
|
| Hikvision | DS-2CD3xx1G2 |
Affected:
Versions below V5.7.13_230822 (including V5.7.13_230822)
|
|
| Hikvision | HWI-xxxxHA |
Affected:
Versions below V5.7.13_230822 (including V5.7.13_230822)
|
|
| Hikvision | IPC-xxxxHA |
Affected:
Versions below V5.7.13_230822 (including V5.7.13_230822)
|
|
| Hikvision | DS-2CD2Dx5G1 |
Affected:
Versions below V5.7.210_240826 (including V5.7.210_240826)
|
|
| Hikvision | DS-2CD64x5G1 |
Affected:
Versions below V5.7.210_240826 (including V5.7.210_240826)
|
|
| Hikvision | DS-2CD29xxG0 |
Affected:
Versions below V5.7.21_240814 (including V5.7.21_240814)
|
|
| Hikvision | DS-2XE6xxxG0 |
Affected:
Versions below V5.7.7build241203 (including V5.7.7build241203)
|
|
| Hikvision | DS-2XC6xxxG0 |
Affected:
Versions below V5.7.7build241203 (including V5.7.7build241203)
|
|
| Hikvision | DS-2CD1xxxG0(T) |
Affected:
Versions below V5.7.23_241015 (including V5.7.23_241015)
|
|
| Hikvision | DS-2CD1xx1 |
Affected:
Versions below V5.7.23_241015 (including V5.7.23_241015)
|
|
| Hikvision | DS-2CD3xx1G0 |
Affected:
Versions below V5.7.23_241015 (including V5.7.23_241015)
|
|
| Hikvision | DS-2CD2xx1G0 |
Affected:
Versions below V5.7.23_241015 (including V5.7.23_241015)
|
|
| Hikvision | IPC-xxxxH |
Affected:
Versions below V5.7.23_241015 (including V5.7.23_241015)
|
|
| Hikvision | HWI-xxxH(C) |
Affected:
Versions below V5.7.23_241015 (including V5.7.23_241015)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66177",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T14:26:06.385030Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T17:27:13.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-96xxxNI-Hx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxxNI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxNXI-Sx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxxNXI-Sx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-Mx/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxNXI-Mx/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-86xxxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-Ix/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNXI-Ix/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-86xxNXI-Ix/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-96xxNXI-Ix/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-Ix/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNXI-Ix/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-Kx(/xP) including(D)\u3001(E)\u3001(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNXI-Kx(/xP) including(D)\u3001(E)\u3001(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-Kx(/xP)/Vpro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNXI-Kx(/xP)/Vpro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNI-Qx(/xP) including(D)\u3001(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-71xxNI-Q1(/xP)/M",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-71xxNI-Q1(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-710xNI-G1/(xP)/M",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-71xxNI-Q1(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-71xxNI-Q1(/xP)/M",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNI-Q1(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNI-Q2(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-K1(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-K2(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNXI-K4(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-86xxNXI-K8(/xP)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-K1(/xP)/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-76xxNXI-K2(/xP)/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-77xxNXI-K4(/xP)/VPro",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-71xxHGHI-M1(/T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHGHI-M1(/T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-71xxHQHI-M1(/T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHQHI-M1(/T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHQHI-Mx/XT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHUHI-Mx/XT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHTHI-Mx/XT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-90xxHUHI-M8/S(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-73xxHUHI-M4/S(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-81xxHUHI-M8/S(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-71xxHGHI-M1(/T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-72xxHGHI-M1(/T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-ExxHGHI-xx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-71xxHQHI-M1/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHQHI-M1/E",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-71xxHQHI-M1/T",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHQHI-M1/T",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHQHI-Mx/XT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-73xxHQHI-M4/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-81xxHQHI-M8/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-90xxHQHI-M8/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-ExxHQHI-xx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-71xxHUHI-M1/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHUHI-M1/E",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHUHI-M1/T",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHUHI-Mx/X",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHUHI-Mx/XT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHUHI-Mx/PXT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-73xxHUHI-M4/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-90xxHUHI-M8/S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-ExxHUHI-xx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-72xxHTHI-Mx/XT",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-A806xxSI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-AT1000SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxxNXI-Hx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96064NXI-I16",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxxNXI-Ix/AI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-67xxNXI-Mx/X",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-76xxNXI-Mx/X",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-77xxNXI-Mx/X",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxNXI-Mx/X",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxxNXI-Mx/X",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxxNXI-Hx/AI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxNXI-Mx/AI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-67xxNXI-Mx/AI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-67xxxNXI-Mx/AI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-67xxNXI-S/T",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-67xxNXI-S",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-6704NXI/AI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-67xxNXI-P1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-7608NXI-P2",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-77xxNXI-P4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "iDS-96xxNXI-Px",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 250807"
}
]
},
{
"product": "DS-2CD1xxxG2",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.13_230822 (including V5.7.13_230822)"
}
]
},
{
"product": "DS-2CD3xx1G2",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.13_230822 (including V5.7.13_230822)"
}
]
},
{
"product": "HWI-xxxxHA",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.13_230822 (including V5.7.13_230822)"
}
]
},
{
"product": "IPC-xxxxHA",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.13_230822 (including V5.7.13_230822)"
}
]
},
{
"product": "DS-2CD2Dx5G1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.210_240826 (including V5.7.210_240826)"
}
]
},
{
"product": "DS-2CD64x5G1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.210_240826 (including V5.7.210_240826)"
}
]
},
{
"product": "DS-2CD29xxG0",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.21_240814 (including V5.7.21_240814)"
}
]
},
{
"product": "DS-2XE6xxxG0",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.7build241203 (including V5.7.7build241203)"
}
]
},
{
"product": "DS-2XC6xxxG0",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.7build241203 (including V5.7.7build241203)"
}
]
},
{
"product": "DS-2CD1xxxG0(T)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.23_241015 (including V5.7.23_241015)"
}
]
},
{
"product": "DS-2CD1xx1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.23_241015 (including V5.7.23_241015)"
}
]
},
{
"product": "DS-2CD3xx1G0",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.23_241015 (including V5.7.23_241015)"
}
]
},
{
"product": "DS-2CD2xx1G0",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.23_241015 (including V5.7.23_241015)"
}
]
},
{
"product": "IPC-xxxxH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.23_241015 (including V5.7.23_241015)"
}
]
},
{
"product": "HWI-xxxH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V5.7.23_241015 (including V5.7.23_241015)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Angel Lozano Alcazar"
},
{
"lang": "en",
"type": "finder",
"value": "Pedro Guillen Nu\u00f1ez"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T01:47:54.031Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-66177",
"datePublished": "2026-01-13T01:47:54.031Z",
"dateReserved": "2025-11-24T08:59:35.903Z",
"dateUpdated": "2026-01-13T17:27:13.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66176 (GCVE-0-2025-66176)
Vulnerability from cvelistv5 – Published: 2026-01-13 01:47 – Updated: 2026-03-18 15:28
VLAI
Summary
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity
8.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
18 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-K1T331 |
Affected:
Versions below V3.7.80
|
|
| Hikvision | DS-K1T341A/K1T341B |
Affected:
Versions below V3.7.80
|
|
| Hikvision | DS-K1T671/K5671 |
Affected:
Versions below V3.7.80
|
|
| Hikvision | DS-K1T672 |
Affected:
Versions below V3.7.80
|
|
| Hikvision | DS-K1T680 |
Affected:
Versions below V3.7.80
|
|
| Hikvision | DS-K1T981 |
Affected:
Versions below V3.7.80
|
|
| Hikvision | DS-K1T341C |
Affected:
Versions below V3.3.180
|
|
| Hikvision | DS-K1T670/K1T673 |
Affected:
Versions below V4.48.0
|
|
| Hikvision | DS-K1T8003 |
Affected:
Versions below V1.4.21
|
|
| Hikvision | DS-K1T804A |
Affected:
Versions below V1.4.22
|
|
| Hikvision | DS-K1T8003/8004 |
Affected:
Versions below V1.4.21
|
|
| Hikvision | DS-K1T804B |
Affected:
Versions below V1.4.23
|
|
| Hikvision | DS-K1T201A/K1T105A |
Affected:
Versions below V1.3.65
|
|
| Hikvision | DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43 |
Affected:
Versions below V4.48.0
|
|
| Hikvision | DS-K1T8005/DS-K1T808 |
Affected:
Versions below V3.25.40
|
|
| Hikvision | DS-K1T320/DS-K1T321 |
Affected:
Versions below V3.9.40
|
|
| Hikvision | DS-K1T323/DS-K1T510 |
Affected:
Versions below V4.23.41
|
|
| Hikvision | DS-K5033 |
Affected:
Versions below V4.37.40
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66176",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-13T14:32:35.447766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-13T17:28:04.643Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-03-18T15:28:09.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2281"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DS-K1T331",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.7.80"
}
]
},
{
"product": "DS-K1T341A/K1T341B",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.7.80"
}
]
},
{
"product": "DS-K1T671/K5671",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.7.80"
}
]
},
{
"product": "DS-K1T672",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.7.80"
}
]
},
{
"product": "DS-K1T680",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.7.80"
}
]
},
{
"product": "DS-K1T981",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.7.80"
}
]
},
{
"product": "DS-K1T341C",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.3.180"
}
]
},
{
"product": "DS-K1T670/K1T673",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.48.0"
}
]
},
{
"product": "DS-K1T8003",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.4.21"
}
]
},
{
"product": "DS-K1T804A",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.4.22"
}
]
},
{
"product": "DS-K1T8003/8004",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.4.21"
}
]
},
{
"product": "DS-K1T804A",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.4.22"
}
]
},
{
"product": "DS-K1T804B",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.4.23"
}
]
},
{
"product": "DS-K1T201A/K1T105A",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V1.3.65"
}
]
},
{
"product": "DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.48.0"
}
]
},
{
"product": "DS-K1T8005/DS-K1T808",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.25.40"
}
]
},
{
"product": "DS-K1T320/DS-K1T321",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V3.9.40"
}
]
},
{
"product": "DS-K1T323/DS-K1T510",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.23.41"
}
]
},
{
"product": "DS-K5033",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.37.40"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matt Wiseman of Cisco Talos"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T01:56:32.572Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-66176",
"datePublished": "2026-01-13T01:47:27.191Z",
"dateReserved": "2025-11-24T08:59:35.903Z",
"dateUpdated": "2026-03-18T15:28:09.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66174 (GCVE-0-2025-66174)
Vulnerability from cvelistv5 – Published: 2025-12-19 06:39 – Updated: 2025-12-19 15:41
VLAI
Summary
There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-287 - Improper Authentication
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-7104HGHI-F1 |
Affected:
Versions below V4.30.122_201107 (including V4.30.122_201107)
|
|
| Hikvision | DS-7204HGHI-F1 |
Affected:
Versions below V4.30.122_201107 (including V4.30.122_201107)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66174",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:41:12.037984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:41:32.976Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-7104HGHI-F1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.30.122_201107 (including V4.30.122_201107)"
}
]
},
{
"product": "DS-7204HGHI-F1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.30.122_201107 (including V4.30.122_201107)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aaron J Jose"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T06:45:55.453Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-66174",
"datePublished": "2025-12-19T06:39:51.404Z",
"dateReserved": "2025-11-24T08:59:35.903Z",
"dateUpdated": "2025-12-19T15:41:32.976Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-66173 (GCVE-0-2025-66173)
Vulnerability from cvelistv5 – Published: 2025-12-19 06:39 – Updated: 2025-12-19 15:40
VLAI
Summary
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.
Severity
6.2 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-7104HGHI-F1 |
Affected:
Versions below V4.30.122_201107 (including V4.30.122_201107)
|
|
| Hikvision | DS-7204HGHI-F1 |
Affected:
Versions below V4.30.122_201107 (including V4.30.122_201107)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66173",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:40:25.549400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:40:52.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-7104HGHI-F1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.30.122_201107 (including V4.30.122_201107)"
}
]
},
{
"product": "DS-7204HGHI-F1",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V4.30.122_201107 (including V4.30.122_201107)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Aaron J Jose"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T06:45:40.814Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-66173",
"datePublished": "2025-12-19T06:39:38.504Z",
"dateReserved": "2025-11-24T08:59:35.902Z",
"dateUpdated": "2025-12-19T15:40:52.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-28815 (GCVE-0-2023-28815)
Vulnerability from cvelistv5 – Published: 2025-10-17 11:07 – Updated: 2025-10-17 12:10
VLAI
Summary
Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges and execute arbitrary commands on the system.iSecure Center is software released for China's domestic market only, with no overseas release.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-141 - Improper Neutralization of Parameter/Argument Delimiters
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | iSecure Center |
Affected:
V1.0.0 - V1.7.0
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28815",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-17T12:10:12.884691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-141",
"description": "CWE-141 Improper Neutralization of Parameter/Argument Delimiters",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T12:10:16.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iSecure Center",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.0.0 - V1.7.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "hsrc"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some versions of Hikvision\u0027s iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges and execute arbitrary commands on the system.iSecure Center is software released for China\u0027s domestic market only, with no overseas release."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T11:07:26.306Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/2023-04/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28815",
"datePublished": "2025-10-17T11:07:26.306Z",
"dateReserved": "2023-03-23T19:49:08.441Z",
"dateUpdated": "2025-10-17T12:10:16.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28814 (GCVE-0-2023-28814)
Vulnerability from cvelistv5 – Published: 2025-10-17 11:07 – Updated: 2025-10-17 13:04
VLAI
Summary
Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China's domestic market only, with no overseas release.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | iSecure Center |
Affected:
V1.0.0 - V1.7.0
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-17T13:04:13.622732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T13:04:24.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iSecure Center",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.0.0 - V1.7.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "hsrc"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some versions of Hikvision\u0027s iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to the server. iSecure Center is software released for China\u0027s domestic market only, with no overseas release."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-17T11:07:06.801Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/cn/support/CybersecurityCenter/SecurityNotices/2023-03/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28814",
"datePublished": "2025-10-17T11:07:06.801Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2025-10-17T13:04:24.853Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39247 (GCVE-0-2025-39247)
Vulnerability from cvelistv5 – Published: 2025-08-29 01:40 – Updated: 2025-08-29 13:32
VLAI
Summary
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
Severity
8.6 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-284 - Improper Access Control
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions between V2.3.1 and V2.6.2
|
|
| Hikvision | HikCentral Professional |
Affected:
Version V3.0.0
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39247",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:32:15.480416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:32:18.140Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.3.1 and V2.6.2"
}
]
},
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Version V3.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dr. Matthias Lutter"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T01:40:31.553Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-some-hikcentral-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39247",
"datePublished": "2025-08-29T01:40:31.553Z",
"dateReserved": "2025-04-16T05:37:51.248Z",
"dateUpdated": "2025-08-29T13:32:18.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39246 (GCVE-0-2025-39246)
Vulnerability from cvelistv5 – Published: 2025-08-29 01:39 – Updated: 2025-08-29 13:32
VLAI
Summary
There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-428 - Unquoted Search Path or Element
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral FocSign |
Affected:
Versions between V1.4.0 and V2.2.0
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39246",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:32:36.393721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:32:53.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral FocSign",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V1.4.0 and V2.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Eduardo Bido"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T01:39:53.653Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-some-hikcentral-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39246",
"datePublished": "2025-08-29T01:39:53.653Z",
"dateReserved": "2025-04-16T05:37:51.248Z",
"dateUpdated": "2025-08-29T13:32:53.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39245 (GCVE-0-2025-39245)
Vulnerability from cvelistv5 – Published: 2025-08-29 01:38 – Updated: 2025-08-29 13:33
VLAI
Summary
There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
Severity
4.7 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Master Lite |
Affected:
Versions between V2.2.1 and V2.3.2
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T13:33:21.122215Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T13:33:42.304Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Master Lite",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.2.1 and V2.3.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yousef Alfuhaid"
},
{
"lang": "en",
"type": "finder",
"value": "Nader Alharbi"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T01:38:46.917Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-some-hikcentral-products/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39245",
"datePublished": "2025-08-29T01:38:46.917Z",
"dateReserved": "2025-04-16T05:37:51.248Z",
"dateUpdated": "2025-08-29T13:33:42.304Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-39240 (GCVE-0-2025-39240)
Vulnerability from cvelistv5 – Published: 2025-06-13 07:10 – Updated: 2025-06-17 17:24
VLAI
Summary
Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
Impacted products
6 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-3WAP622G-SI |
Affected:
V1.1.5402 build241014(E2254P02)and the versions prior to it
|
|
| Hikvision | DS-3WAP623E-SI |
Affected:
V1.1.5400 build240814(E2254)and the versions prior to it
|
|
| Hikvision | DS-3WAP521-SI |
Affected:
V1.1.5400 build240814(E2254)and the versions prior to it
|
|
| Hikvision | DS-3WAP522-SI |
Affected:
V1.1.5402 build241014(E2254P02)and the versions prior to it
|
|
| Hikvision | DS-3WAP621E-SI |
Affected:
V1.1.5400 build240814(E2254)and the versions prior to it
|
|
| Hikvision | DS-3WAP622E-SI |
Affected:
V1.1.5402 build241014(E2254P02)and the versions prior to it
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-39240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-13T15:15:35.438694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T17:24:32.221Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-3WAP622G-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5402 build241014\uff08E2254P02\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP623E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5400 build240814\uff08E2254\uff09and the versions prior to it"
}
]
},
{
"defaultStatus": "affected",
"product": "DS-3WAP521-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5400 build240814\uff08E2254\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP522-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5402 build241014\uff08E2254P02\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP621E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5400 build240814\uff08E2254\uff09and the versions prior to it"
}
]
},
{
"product": "DS-3WAP622E-SI",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V1.1.5402 build241014\uff08E2254P02\uff09and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "exzettabyte"
}
],
"descriptions": [
{
"lang": "en",
"value": "Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-13T07:10:39.734Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/remote-command-execution-vulnerability-in-some-hikvision-wireless-access-point/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2025-39240",
"datePublished": "2025-06-13T07:10:39.734Z",
"dateReserved": "2025-04-16T05:37:51.246Z",
"dateUpdated": "2025-06-17T17:24:32.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47486 (GCVE-0-2024-47486)
Vulnerability from cvelistv5 – Published: 2024-10-18 08:33 – Updated: 2024-11-21 14:54
VLAI
Summary
There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Master Lite |
Affected:
Versions below V2.2.1 (including V2.2.1)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T14:36:23.738242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:54:17.043Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Master Lite",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V2.2.1 (including V2.2.1)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yousef Alfuhaid"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T08:33:07.095Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-47486",
"datePublished": "2024-10-18T08:33:07.095Z",
"dateReserved": "2024-09-25T06:22:37.960Z",
"dateUpdated": "2024-11-21T14:54:17.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47487 (GCVE-0-2024-47487)
Vulnerability from cvelistv5 – Published: 2024-10-18 08:32 – Updated: 2025-03-19 17:46
VLAI
Summary
There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions between V2.0.0 and V2.6.0
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47487",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T16:55:23.630917Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T17:46:20.453Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.0.0 and V2.6.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Manh Doan Duc"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T08:32:45.182Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-47487",
"datePublished": "2024-10-18T08:32:45.182Z",
"dateReserved": "2024-09-25T06:22:37.961Z",
"dateUpdated": "2025-03-19T17:46:20.453Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47485 (GCVE-0-2024-47485)
Vulnerability from cvelistv5 – Published: 2024-10-18 08:29 – Updated: 2025-03-13 15:44
VLAI
Summary
There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Master Lite |
Affected:
Versions between V2.0.0 and V2.2.1
|
|
| hikvision | hikcentral_master_lite |
Affected:
2.0.0 , < 2.2.1
(custom)
cpe:2.3:a:hikvision:hikcentral_master_lite:2.0.0:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:hikvision:hikcentral_master_lite:2.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "hikcentral_master_lite",
"vendor": "hikvision",
"versions": [
{
"lessThan": "2.2.1",
"status": "affected",
"version": "2.0.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47485",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-18T13:39:24.820376Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T15:44:47.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Master Lite",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions between V2.0.0 and V2.2.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yousef Alfuhaid"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a CSV injection vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could build malicious data to generate executable commands in the CSV file."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-18T08:29:38.392Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-product-series/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-47485",
"datePublished": "2024-10-18T08:29:38.392Z",
"dateReserved": "2024-09-25T06:22:37.960Z",
"dateUpdated": "2025-03-13T15:44:47.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29949 (GCVE-0-2024-29949)
Vulnerability from cvelistv5 – Published: 2024-04-02 11:07 – Updated: 2024-08-27 14:53
VLAI
Summary
There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands.
Severity
7.2 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
24 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-7604NI-K1 / 4P(B) |
Affected:
V4.30.096build221220 and the versions prior to it
|
|
| Hikvision | DS-76xxNI-Mx |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-77xxNI-Mx |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-96xxxNI-Mxx |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-76xxNXI-Ix |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-77xxNXI-Ix |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-86xxNXI-Ix |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-96xxNXI-Ix |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | iDS-76xxNXI-Mx |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | iDS-77xxNXI-Mx |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | iDS-96xxxMXI-Mxx |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006)
|
|
| Hikvision | DS-7604NI-M1/4P |
Affected:
Versions after V5.00.000 (including V5.00.000) and before V5.01.070(not including V5.01.070)
|
|
| hikvision | ds-7604ni-k1\/4p\(b\) |
Affected:
0 , ≤ V4.30.096build221220
(custom)
cpe:2.3:h:hikvision:ds-7604ni-k1\/4p\(b\):*:*:*:*:*:*:*:* |
|
| hikvision | ds-76xxni-mx |
Affected:
V5.00.000 , < V5.02.006
(custom)
cpe:2.3:h:hikvision:ds-76xxni-mx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-77xxni-mx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ds-77xxni-mx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-96xxxni-mxx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ds-96xxxni-mxx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-76xxnxi-lx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ds-76xxnxi-lx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-77xxnxi-lx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ds-77xxnxi-lx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-86xxnxi-lx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ds-86xxnxi-lx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-96xxnxi-lx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ds-96xxnxi-lx:*:*:*:*:*:*:*:* |
|
| hikvision | ids-76xxnxi-mx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ids-76xxnxi-mx:*:*:*:*:*:*:*:* |
|
| hikvision | ids-77xxnxi-mx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ids-77xxnxi-mx:*:*:*:*:*:*:*:* |
|
| hikvision | ids-96xxxmxi-mxx |
Affected:
5.00.000 , < 5.02.006
(custom)
cpe:2.3:h:hikvision:ids-96xxxmxi-mxx:*:*:*:*:*:*:*:* |
|
| hikvision | ds-7604ni-m1\/4p |
Affected:
5.00.000 , < 5.01.070
(custom)
cpe:2.3:h:hikvision:ds-7604ni-m1\/4p:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:hikvision:ds-7604ni-k1\\/4p\\(b\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-7604ni-k1\\/4p\\(b\\)",
"vendor": "hikvision",
"versions": [
{
"lessThanOrEqual": "V4.30.096build221220",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-76xxni-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-76xxni-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "V5.02.006",
"status": "affected",
"version": "V5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-77xxni-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-77xxni-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-96xxxni-mxx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-96xxxni-mxx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-76xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-76xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-77xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-77xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-86xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-86xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-96xxnxi-lx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-96xxnxi-lx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ids-76xxnxi-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ids-76xxnxi-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ids-77xxnxi-mx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ids-77xxnxi-mx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ids-96xxxmxi-mxx:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ids-96xxxmxi-mxx",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.02.006",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:hikvision:ds-7604ni-m1\\/4p:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ds-7604ni-m1\\/4p",
"vendor": "hikvision",
"versions": [
{
"lessThan": "5.01.070",
"status": "affected",
"version": "5.00.000",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29949",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-02T17:55:48.331613Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T14:53:55.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DS-7604NI-K1 / 4P(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V4.30.096build221220 and the versions prior to it"
}
]
},
{
"product": "DS-76xxNI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"defaultStatus": "affected",
"product": "DS-77xxNI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-96xxxNI-Mxx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-76xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-77xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-86xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-96xxNXI-Ix",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "iDS-76xxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "iDS-77xxNXI-Mx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "iDS-96xxxMXI-Mxx",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.02.006\uff08not including V5.02.006\uff09"
}
]
},
{
"product": "DS-7604NI-M1/4P",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V5.00.000 (including V5.00.000) and before V5.01.070\uff08not including V5.01.070\uff09"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T11:07:41.449Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-29949",
"datePublished": "2024-04-02T11:07:41.449Z",
"dateReserved": "2024-03-22T02:34:04.957Z",
"dateUpdated": "2024-08-27T14:53:55.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29948 (GCVE-0-2024-29948)
Vulnerability from cvelistv5 – Published: 2024-04-02 11:07 – Updated: 2024-11-06 21:00
VLAI
Summary
There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-7604NXI-K1/4P |
Affected:
V4.76.005 build231012 and the versions prior to it
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29948",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T18:51:42.752876Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T21:00:14.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "DS-7604NXI-K1/4P",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V4.76.005 build231012 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T11:07:04.983Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-29948",
"datePublished": "2024-04-02T11:07:04.983Z",
"dateReserved": "2024-03-22T02:34:04.957Z",
"dateUpdated": "2024-11-06T21:00:14.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29947 (GCVE-0-2024-29947)
Vulnerability from cvelistv5 – Published: 2024-04-02 11:06 – Updated: 2024-10-31 15:01
VLAI
Summary
There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | DS-7604NI-K1 / 4P(B) |
Affected:
V4.30.096build221220 and the versions prior to it
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29947",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T13:16:59.495754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T15:01:23.386Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DS-7604NI-K1 / 4P(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "V4.30.096build221220 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T11:13:32.060Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-nvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-29947",
"datePublished": "2024-04-02T11:06:42.898Z",
"dateReserved": "2024-03-22T02:34:04.957Z",
"dateUpdated": "2024-10-31T15:01:23.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25064 (GCVE-0-2024-25064)
Vulnerability from cvelistv5 – Published: 2024-03-02 02:56 – Updated: 2025-03-19 15:53
VLAI
Summary
Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions after V2.0.0 and before V2.5.1
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25064",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-05T16:01:31.101506Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-19T15:53:16.696Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions after V2.0.0 and before V2.5.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdulazeez Omar"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-02T02:56:19.821Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-25064",
"datePublished": "2024-03-02T02:56:19.821Z",
"dateReserved": "2024-02-04T07:19:37.207Z",
"dateUpdated": "2025-03-19T15:53:16.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25063 (GCVE-0-2024-25063)
Vulnerability from cvelistv5 – Published: 2024-03-02 02:54 – Updated: 2025-03-27 15:19
VLAI
Summary
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | HikCentral Professional |
Affected:
Versions below V2.5.1 (including V2.5.1)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25063",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-04T19:37:09.001298Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T15:19:11.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "HikCentral Professional",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Versions below V2.5.1 (including V2.5.1)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Dubell"
}
],
"descriptions": [
{
"lang": "en",
"value": "Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-02T02:54:27.778Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2024-25063",
"datePublished": "2024-03-02T02:54:27.778Z",
"dateReserved": "2024-02-04T07:19:37.207Z",
"dateUpdated": "2025-03-27T15:19:11.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28813 (GCVE-0-2023-28813)
Vulnerability from cvelistv5 – Published: 2023-11-23 08:37 – Updated: 2024-08-02 13:51
VLAI
Summary
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
Severity
8.1 (High)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | LocalServiceComponents |
Affected:
version 1.0.0.78 and the versions prior to it
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "LocalServiceComponents",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "version 1.0.0.78 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T08:37:35.720Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28813",
"datePublished": "2023-11-23T08:37:35.720Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28812 (GCVE-0-2023-28812)
Vulnerability from cvelistv5 – Published: 2023-11-23 08:35 – Updated: 2024-12-02 19:42
VLAI
Summary
There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | LocalServiceComponents |
Affected:
version 1.0.0.78 and the versions prior to it
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28812",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:41:44.704597Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T19:42:18.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "LocalServiceComponents",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "version 1.0.0.78 and the versions prior to it"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "KITRI BoB 12th"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T00:27:54.327Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28812",
"datePublished": "2023-11-23T08:35:01.739Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-12-02T19:42:18.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28811 (GCVE-0-2023-28811)
Vulnerability from cvelistv5 – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
VLAI
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity
7.4 (High)
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | iDS-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-EXXHGH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-EXXHQH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHGH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHQH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHQH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHUH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHQH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHUH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHTH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-72XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-62XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-216Q-K2(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71XXHGH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-72XXHGH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71XXHGH-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-72XXHGH-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-1XXG-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXG-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-1XXG-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXG-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXH(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXH-G |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXMH-G |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHQH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHQH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHQH-M/E(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHQH-M/E(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXQ-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXQ-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-61XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-61XXMH-G4(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHUH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHUH-M/E(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHUH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHUH-M/E(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXU-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXU-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-71XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-71XXMH-G4(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | NVR-2xxMH-C(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | NVR-1xxMH-C(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-42xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-41xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71xxNI-Q1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71xxNI-Q1(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-D(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-D(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-21xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-21xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-Q1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-Q2(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-K1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-41xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-42xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-C(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-2xxMH-C(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-77xxNI-I4(B) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDS-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHTH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-72XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-62XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-216Q-K2(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXMH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-2xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-1xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q2(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-K1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-2xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-77xxNI-I4(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Szot @IOActive"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T06:38:47.200Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28811",
"datePublished": "2023-11-23T06:42:01.522Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}