Important Product Firmware Update

June 23, 2022

 

Dear Valued Partner:

 

Today, Hikvision has issued updated firmware on our website that fixes two vulnerabilities (CVE-2022-28171, CVE-2022-28172) in the web module of some Hikvision Hybrid SAN/cluster storage products. 

 

The vulnerabilities have been rated with CVSS v3.1 base scores of 7.5 (high) and 6.5 (medium). The list of products affected by the vulnerability and the patching guidance can be accessed on our website. While Hikvision is not aware of these vulnerabilities being exploited in the field, we recognize that some of our partners may have installed Hikvision equipment that is affected by these vulnerabilities and we strongly encourage them to work with their customers to ensure proper cyber hygiene and install the updated firmware. 

 

With these vulnerabilities, we want to provide you the details and timeline to reassure you of Hikvision’s strong commitment to cybersecurity. In March 2022, two potential vulnerabilities in Hikvision products were reported to the Hikvision Security Response Center (HSRC). Once the HSRC confirmed existence of the vulnerabilities, they worked directly with the reporter to patch and verify the successful mitigation of the reported vulnerabilities, following the standard Coordinated Disclosure Process. 

 

To date, all vulnerabilities that have been reported to Hikvision and/or made publicly known, have been patched in the latest Hikvision firmware, which is readily available on the Hikvision website. 

 

Additionally, Hikvision is a CVE Partner and is committed to continuing to work with third-party ethical hackers and security researchers to find, patch, disclose and release updates to products in a manner that best protects the users of Hikvision products.

 

Hikvision strictly complies with the laws and regulations in all countries and regions where we operate and we apply the highest standards of cybersecurity practices in an effort to best protect the users of Hikvision products around the world.

 

Please do not hesitate to contact our team with any questions or concerns.

 

Kind Regards,

Hikvision

Este site usa cookies para armazenar informações em seu dispositivo. Os cookies ajudam nosso site a funcionar normalmente e nos mostram como podemos melhorar sua experiência de usuário.

Ao continuar a navegar na página, concorda com a nossa política de cookies e política de privacidad.

 

Contact Us
Hik-Partner Pro close
Hik-Partner Pro
Security Business Assistant. At Your Fingertips. Learn more
Hik-Partner Pro
Scan and download the app
Hik-Partner Pro
Hik-Partner Pro
back to top