Wichtiges Produkt Firmware Update

June 23, 2022

 

Dear Valued Partner:

 

Today, Hikvision has issued updated firmware on our website that fixes two vulnerabilities (CVE-2022-28171, CVE-2022-28172) in the web module of some Hikvision Hybrid SAN/cluster storage products. 

 

The vulnerabilities have been rated with CVSS v3.1 base scores of 7.5 (high) and 6.5 (medium). The list of products affected by the vulnerability and the patching guidance can be accessed on our website. While Hikvision is not aware of these vulnerabilities being exploited in the field, we recognize that some of our partners may have installed Hikvision equipment that is affected by these vulnerabilities and we strongly encourage them to work with their customers to ensure proper cyber hygiene and install the updated firmware. 

 

With these vulnerabilities, we want to provide you the details and timeline to reassure you of Hikvision’s strong commitment to cybersecurity. In March 2022, two potential vulnerabilities in Hikvision products were reported to the Hikvision Security Response Center (HSRC). Once the HSRC confirmed existence of the vulnerabilities, they worked directly with the reporter to patch and verify the successful mitigation of the reported vulnerabilities, following the standard Coordinated Disclosure Process. 

 

To date, all vulnerabilities that have been reported to Hikvision and/or made publicly known, have been patched in the latest Hikvision firmware, which is readily available on the Hikvision website. 

 

Additionally, Hikvision is a CVE Partner and is committed to continuing to work with third-party ethical hackers and security researchers to find, patch, disclose and release updates to products in a manner that best protects the users of Hikvision products.

 

Hikvision strictly complies with the laws and regulations in all countries and regions where we operate and we apply the highest standards of cybersecurity practices in an effort to best protect the users of Hikvision products around the world.

 

Bitte zögern Sie nicht, unser Team bei Fragen oder Anliegen zu kontaktieren.

 

Kind Regards,

Hikvision

Hikvision.com uses strictly necessary cookies and related technologies to enable the website to function. With your consent, we would also like to use cookies to observe and analyse traffic levels and other metrics and tailor our website’s content. For more information on cookie practices please refer to our cookie policy.