Hikvision administrators have claimed there is “a zero-click vulnerability” in the majority of their security cameras. In this article, you’ll learn about Hikvision Critical Vulnerability.
Additionally, there is a possibility that an unauthenticated hacker can gain access to your NVR and even internal networks. Details of said Remote Code Execution (RCE) bug in certain Hikvision products that can bypass usernames and passwords have been leaked.
This exposure can be exploited to the point of gaining access to a device and being able to control it. A hacker can also use said compromised devices to gain further access to internal networks.
Overall, more than 70 Hikvision cameras and NVRs are exposed to this critical vulnerability. And more than 100 million devices were affected by the issue. Want to find out more about the topic? Check out: Are Hikvision cameras secure?
How does the Hikvision Critical Vulnerability work?
Usually, access to the HTTPS server port is the only thing needed. Typically the 80/443 server port is used to target Hikvision Critical Vulnerability.
Passwords and usernames are not necessary for an attacker to target the camera. Plus, they do not rely on the user for any action. And cannot be detected once they log into the camera.
This vulnerability to bugs has been present in the firmware since 2016 and has been both acknowledged and repaired by Hikvision. The brand also released a security advisory to alert users of at-risk products.
Why Hikvision Critical Vulnerability happens
Because there is insufficient input validation, an attacker can take advantage of this flaw by submitting messages that include malicious commands to initiate a command attack.
According to Watchful-IP, this flaw enables complete control of the embedded computer and unlimited root access.
The device owner is only allowed to use a limited “protected shell” (psh), which restricts input to a pre-determined list of limited, vastly informative commands. Yet the attacker can acquire complete control of the device with an unlimited root shell.
This means that internal networks may also be “accessed and attacked” using the vulnerability.
Does this vulnerability affect OEM versions?
Yes, there will be effects on the OEM versions. Actually, this flaw affects practically all OEM and Hikvision-branded cameras.
Additionally, hundreds of brands throughout the world will be impacted by the vulnerability since Hikvision cameras are so widely used.
Moreover, the worst thing is that many OEM brands for Hikvision attempt to conceal their affiliation with Hikvision and pass the cameras off as their own, which means they’ll ignore this vulnerability, and many consumers won’t even be aware of it.
Below is a list of some of the impacted versions. If you own a camera model listed, its firmware must be updated IMMEDIATELY.
|Product name||Affected version(s)|
|Versions which Build time before 210625|
|Versions which Build time before 210702|
|V4.30.210 Build201224 – V4.31.000 Build210511|
|V4.30.300 Build210221 – V4.31.100 Build210511|
Though Hikvision Critical Vulnerability can be a downside to its products, it does not reflect on the company as a whole as its lineup of products is worth investing in.
Furthermore, it would be best if you always protected yourself and placed cameras in areas that do not expose your privacy on the occasion that someone can access the footage. Never place any cameras in bedrooms, bathrooms, or other private spaces.