Security Notification - Command Injection Vulnerability in Some Hikvision products

SN No.: HSRC-202109-01

Edit: Hikvision Security Response Center (HSRC)

Initial release date: 2021-09-19

Summary:

A command injection vulnerability exists in the web server of some Hikvision products. Due to insufficient input validation, an attacker can exploit the vulnerability to launch a command injection attack by sending messages that contain malicious commands.

CVE ID:

CVE-2021-36260

Scoring:

CVSS v3 is used to score this vulnerability (http://www.first.org/cvss/specification-document).

Base score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Temporal score: 8.8 (E:P/RL:O/RC:C)

Affected versions and resolved version:

Product name(s): DS-2CVxxx1
Affected version(s): versions with build time before 210625

Product name(s): IPC-xxxx, DS-2CD1x23, DS-2CD2xx6G2, DS-2CD2xx7G2, DS-2CD2x21G0, DS-2CD2xx3G2, DS-2CD3xx7G2, iDS-2XM6810, iDS-2CD6810, DS-2XE60x6FWD(B), DS-2XE62x2F(D), DS-2XC66x5G0, DS-2XE64x2F(B), iDS-2CD7xx6G0, (i)DS-2DExxxx, (i)DS-2PTxxxx, (i)DS-2SE7xxxx, DS-2DYHxxxx, DS-DY9xxxx, DS-2DF5xxxx, DS-2DF6xxxx, DS-2DF6xxxx-Cx, DS-2DF7xxxx, DS-2DF8xxxx, DS-2DF9xxxx, iDS-2PT9xxxx, iDS-2SK7xxxx, iDS-2VSxxxx, DS-2TBxxx, DS-Bxxxx, DS-2TDxxxxB
Affected version(s): versions with build time before 210702

Product name(s): DS-2TD1xxx-xx, DS-2TD2xxx-xx, DS-2TD41xx-xx/Wx, DS-2TD62xx-xx/Wx, DS-2TD81xx-xx/Wx, DS-2TD4xxx-xx/V2, DS-2TD62xx-xx/V2, DS-2TD81xx-xx/V2
Affected version(s): not stated in this table

Product name(s): DS-76xxNI-K1xx(C), DS-76xxNI-Qxx(C), DS-HiLookI-NVR-1xxMHxx-C(C), DS-HiLookI-NVR-2xxMHxx-C(C)
Affected version(s): V4.30.210 Build201224 - V4.31.000 Build210511

Product name(s): DS-71xxNI-Q1xx(C), DS-HiLookI-NVR-1xxMHxx-D(C), DS-HiLookI-NVR-1xxHxx-D(C)
Affected version(s): V4.30.300 Build210221 - V4.31.100 Build210511

Precondition:

The attacker has access to the device's network, or the device is directly exposed to the internet.

Attack step:

Send a specially crafted message.

Obtaining fixed firmware:

Users should download the updated firmware to guard against this vulnerability. It is available on the Hikvision official website: Firmware download

Source of vulnerability information:

This vulnerability was reported to HSRC by UK security researcher Watchful IP.

Contact Us:

Should you have a security problem or concern, please contact Hikvision Security Response Center at hsrc@hikvision.com.

Revision history:

2021-09-19 V1.0 INITIAL

2021-09-23 V1.1 UPDATED: Updated Affected Versions

2021-09-24 V1.2 UPDATED: Updated Affected Versions
