SN No. HSRC-202311-03
Edit: Hikvision Security Response Center (HSRC)
Initial Release Date: 2023-11-23
Summary
Some Hikvision products have been affected by an authentication bypass vulnerability in the Hik-Connect Module, which could allow remote attackers to consume services by sending crafted messages to the affected devices.
CVE ID
CVE-2023-48121
Scoring
CVSS v3.1 is adopted in this vulnerability scoring.
(http://www.first.org/cvss/specification-document)
Base score: 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)
Affected Versions
No
|
Product Name
|
Affected Versions
|
1
|
DS-2CV1xxx
|
build date before 231108
|
2
|
DS-2CV2xxx
|
build date before 231108
|
3
|
DS-2CD1xxx
|
build date before 230614
|
4
|
DS-2CD2xx1
DS-2CD2xx3
DS-2CD2xx6
DS-2CD2xx7
|
build date before 230630
|
5 |
DS-2CD2xx2
DS-2CD2xx0 |
build date before 231110
|
6
|
DS-2CD2xxx-W
|
build date before 230831
|
7
|
DS-2CD3xxx
|
build date before 210429
|
8
|
HWI-xxxx
|
build date before 231108
|
9
|
IPC-xxx
|
build date before 230614
|
10
|
DS-2DE4xxx
|
build date before 230519
|
11
|
DS-2DE2Axx
|
build date before 230612
|
12
|
iDS-EXXHUH
DS-EXXHGH
iDS-EXXHQH
DVR-EXXHUH
|
build date before 230825
|
13
|
iDS-72XXHQH-M(C)
iDS-72XXHUH-M(C)
iDS-72XXHQH-M(E)
iDS-72XXHUH-M(E)
iDS-72XXHTH-M(C)
HW-HWD-72XXMH-G4
HW-HWD-62XXMH-G4
HL-DVR-216Q-K2(E)
|
build date before 230823
|
14
|
DS-71XXHGH-M(C)
DS-72XXHGH-M(C)
DS-71XXHGH-K(S)
DS-72XXHGH-K(S)
HL-DVR-1XXG-K(S)
HL-DVR-2XXG-K(S)
HL-DVR-1XXG-M(C)
HL-DVR-2XXG-M(C)
HW-HWD-51XXH(S)
HW-HWD-51XXH-G
HW-HWD-51XXMH-G
iDS-71xxHQH-M(C)
iDS-71xxHQH-M(E)
iDS-72xxHQH-M/E(C)
iDS-72xxHQH-M/E(E)
HL-DVR-2XXQ-M(C)
HL-DVR-2XXQ-M(E)
HW-HWD-61XXMH-G4
HW-HWD-61XXMH-G4(E)
iDS-71xxHUH-M(C)
iDS-72xxHUH-M/E(C)
iDS-71xxHUH-M(E)
iDS-72xxHUH-M/E(E)
HL-DVR-2XXU-M(C)
HL-DVR-2XXU-M(E)
HW-HWD-71XXMH-G4
HW-HWD-71XXMH-G4(E)
|
build date before 230913
|
15
|
DS-76xxNI-Q1(/xP)(D)
DS-76xxNI-Q2(/xP)(D)
DS-77xxNI-Q4(/xP)(D)
DS-76xxNXI-K1(/xP)(B)
NVR-2xx(M)H(-xP)-C(D)
NVR-1xx(M)H(-xP)-C(D)
HW-HWN-42xx(M)H(-xP)(D)
HW-HWN-41xx(M)H(-xP)(D)
|
build date before 230620
|
16
|
DS-71xxNI-Q1(/xP)(/M)(D)
DS-76xxNI-Q1(C)
DS-76xxNI-Q2(C)
DS-76xxNI-K1(C)
HL-NVR-1xx(M)H-D(D)
HW-HWN-21xx(M)H(-xP)(D)
HW-HWN-41xxMH(C)
HW-HWN-42xxMH(C)
HL-NVR-1xxMH-C(C)
HL-NVR-2xxMH-C(C)
|
build date before 230707
|
17
|
DS-76xxNI-K2
DS-77xxNI-K4
|
build date before 230712
|
18
|
HL-NVR-EXXMH-D/4P(SSD 1T)
HL-NVR-EXXMH-D/4P(SSD 2T)
DS-EXXNI-Q1(SSD 1T)
DS-EXXNI-Q1(SSD 2T)
|
build date before 230925
|
Precondition
The attacker has network access to the device.
Attack Step
Send a specially crafted malicious message.
Obtaining Fixed Version
Users can download the patch on the Hikvision official website.
Source of Vulnerability Information
The vulnerability was reported to EZVIZ Security Team by Joern (@joerngermany).
Contact Us
To report any security issues or vulnerabilities in Hikvision products and solutions, please contact Hikvision Security Response Center at hsrc@hikvision.com.
Hikvision would like to thank all security researchers for your attention to our products.
2023-11-23 V1.0 INITIAL
2023-11-29 V1.1 UPDATED: Updated Affected Versions