Security researchers at CYFIRMA have discovered over 80,000 Hikvision cameras vulnerable to a critical command injection flaw that’s easily exploitable via specially crafted messages sent to the vulnerable web server. According to their whitepaper on the subject, tens of thousands of systems used by 2,300 organizations across 100 countries have still not applied the security update.

CYFIRMA researchers have observed … multiple instances of hackers looking to collaborate on exploiting Hikvision cameras using the command injection vulnerability (CVE-2021-36260)

Specifically in the Russian forums, we have observed leaked credentials of Hikvision camera products available for sale.

  • 80,000+ devices vulnerable
  • 100 Nations impacted
  • 450+ non-standard open ports
  • 2,300+ organizations impacted
Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
David.maynor
David.maynor , Senior Director of Threat Intelligence
InfoSec Expert
August 24, 2022 7:33 am

Wireless cameras have been a highly sought-after target for attackers over the past several years, particularly Hikvision cameras. Their product contains easy to exploit systemic vulnerabilities or worse, uses default credentials. There is no good way to perform forensics or verify that an attacker has been excised. 

Furthermore, we have not observed any change in Hikvision’s posture to signal an increase in security within their development cycle. These are the same basic failings that recent whistleblowers have accused Twitter of ignoring within their ecosystem.

Last edited 3 months ago by david.maynor
1
0
Would love your thoughts, please comment.x
()
x