January 30, 2026
Dear Valued Partner:
Today, HIKSEMI publicly disclosed four vulnerabilities (CVE-2026-22623, CVE-2026-22624, CVE-2026-22625, CVE-2026-22626) in some HIKSEMI NAS products. The company has released an update (V6.0.3_Build_260122) to address these vulnerabilities. Users can automatically update the version by updating through the HikBox APP or enabling automatic upgrades.
These vulnerabilities have been rated as 7.2, 4.3, 4.6 and 4.9, respectively, using the CVSS v3.1 calculator. The list of affected versions and details of the vulnerabilities can be found in the security advisory. The affected product is commercially available only in select markets. Please check the advisory to learn the technical details. While HIKSEMI is not aware of this vulnerability being exploited in the field, we encourage you to ensure proper cyber hygiene.
This vulnerability was reported by Jincheng Wang (@winmt) from Nanjing University of Posts and Telecommunications, and the company has been actively working with the researcher to patch and verify the successful mitigation.
HIKSEMI strictly complies with the laws and regulations in all countries and regions where we operate and our efforts to ensure the security of our products go beyond what is mandated.
For safety questions about HIKSEMI’s products and solutions, please do not hesitate to contact at salessupport@hiksemitech.com.
Kind Regards,
Hikvision.com uses strictly necessary cookies and related technologies to enable the website to function. With your consent, we would also like to use cookies to observe and analyse traffic levels and other metrics / show you targeted advertising / show you advertising on the basis of your location / tailor our website's content. For more information on cookie practices please refer to our cookie policy.
Technologies
Product Selector
Accessory Selector
HiTools Designer
Hikvision License Activation
