1. 918博天堂·(中国区)首页

      Security Vulnerability in Some Hikvision Access Control/Intercom Products

      Security Vulnerability in Some Hikvision Access Control/Intercom Products

      SN No. HSRC-202306-01

      Edit: Hikvision Security Response Center (HSRC)

      Initial Release Date: 2023-06-14

       

      Summary:

      Some of Hikvision's access control/intercom products have the following security vulnerabilities:

      (1) Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operation permissions by forging the IP and session ID of an authenticated user.

       

      (2) Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.

       

      CVE ID:

      CVE-2023-28809 

      CVE-2023-28810

       

      Scoring

      CVSS v3 is adopted in this vulnerability scoring. 

      (http://www.first.org/cvss/specification-document)

      CVE-2023-28809

      Base score: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)

      Temporal score: 6.7 (/E:P/RL:O/RC:C)

      CVE-2023-28810

      Base score: 4.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

      Temporal score: 3.9 (E:P/RL:O/RC:C)

       

      Affected Versions and Fixes:

      Product Name Affected Vuls Affected Versions

      DS-K1T804AXX

      CVE-2023-28809 & CVE-2023-28810

      Versions below V1.4.0_build221212 (including V1.4.0_build221212)

      DS-K1T341AXX

      Versions below V3.2.30_build221223 (including V3.2.30_build221223)

      DS-K1T671XXX

      Versions below V3.2.30_build221223 (including V3.2.30_build221223)

      DS-K1T343XXX

      Versions below V3.14.0_build230117 (including V3.14.0_build230117)

      DS-K1T341C

      Versions below V3.3.8_build230112 (including V3.3.8_build230112)

      DS-K1T320XXX

      Versions below V3.5.0_build220706 (including V3.5.0_build220706)

      DS-KH63 Series
      DS-KH85 Series

      CVE-2023-28810

      Versions below V2.2.8_build230219 (including V2.2.8_build230219)

      DS-KH62 Series Versions below V1.4.62_build220414 (including V1.4.62_build220414)

      DS-KH9310-WTE1(B)
      DS-KH9510-WTE1(B)

      Versions below V2.1.76_build230204 (including V2.1.76_build230204)

      Obtaining Fixed Versions

      Users can download patches/updates on the Hikvision official website to mitigate these vulnerabilities.

       

      Source of vulnerability information:

      These vulnerabilities were reported to HSRC by Andres Hinnosaar with the support of NATO CCDCOE and Peter Szot from Skylight Cyber.

       

      Contact Us

      To report any security issues or vulnerabilities in Hikvision products and solutions, please contact Hikvision Security Response Center at hsrc@hrbaojie.com.

       

      Hikvision would like to thank all the security researchers who help identify and mitigate potential vulnerabilities in our products to ensure that our solutions protect people, places, and assets while user data is safeguarded.

      Hubungi Kami
      Hik-Partner Pro close
      Hik-Partner Pro
      Hik-Partner Pro
      Scan and download the app
      Download
      Hik-Partner Pro
      Hik-Partner Pro

      Get a better browsing experience

      You are using a web browser we don’t support. Please try one of the following options to have a better experience of our web content.