Buffer Overflow Vulnerabilities in Some Hikvision Products


SN No. HSRC-202601-01

Edited by: HSRC (Hikvision Security Response Center)

Initial release date: 2026-01-12

 

Summary

(1) CVE-2025-66176 - There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

(2) CVE-2025-66177 - There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

 

CVE ID

CVE-2025-66176

CVE-2025-66177

 

Scoring

CVSS v3.1 is adopted in scoring these vulnerabilities (http://www.first.org/cvss/specification-document)

CVE-2025-66176

Base score: 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVE-2025-66177

Base score: 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

 

Affected versions

CVE ID | Affected Products
CVE-2025-66176 | Partial Access Control Series Products
CVE-2025-66177 | Partial NVR, DVR, CVR, IPC Series Products

For the specific list of affected models, please click the link to view.

 

Obtaining fixed versions

Users can download patches/updates on the Hikvision official website.

 

Source of vulnerability information

CVE-2025-66176 was reported by a member of the Cisco Talos team, while CVE-2025-66177 was reported by independent security researchers Angel Lozano Alcazar and Pedro Guillen Nuñez.

 

Contact us

To report security issues or vulnerabilities in Hikvision products and solutions, please contact the Hikvision Security Response Center at hsrc@hikvision.com.

Hikvision would like to thank all security researchers for their attention to our products.

 

Declaration

This document is provided on an “AS IS” basis and without warranties of any kind, either express or implied, including but not limited to the warranties of merchantability or fitness for a particular purpose. 

Hikvision or any of its directly or indirectly controlled subsidiaries or its suppliers shall not be liable for any damages arising out of or in connection with the use of this document, including direct, indirect, incidental, special, or consequential damages. 

Hikvision reserves the right to revise or update this document at any time.
