Security Notification - Buffer Overflow Vulnerability in Some Hikvision IP Cameras
SN No. HSRC-201808-01
Edit: Hikvision Security Response Center (HSRC)
Initial Release Date: 2018-08-13
Update Date: 2018-08-23
Summary
A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted message to affected devices. Due to insufficient input validation, a successful exploit can corrupt memory and lead to arbitrary code execution or crash the process.
CVE ID
CVE-2018-6414
Scoring
CVSS v3 is used to score this vulnerability (http://www.first.org/cvss/specification-document).
Base score: 8.9 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:H)
Temporal score: 8.0 (E:P/RL:O/RC:C)
Affected Versions and Fixes
IPC:
Product Name | Affected Versions | Resolved Versions | Where to update firmware |
DS-2CD2xx5 DS-2CD2xx3 | V5.5.0 build170725 to V5.5.52 build180511 | V5.5.61 build180718 and later | Download link |
DS-2CD3xxx | V5.5.0 build170725 to V5.5.60 build180515 | V5.5.61 build180718 and later | Download link |
DS-2CD1X43 DS-2CD1X53 | V5.5.2 build170920 to V5.5.52 build180523 | V5.5.53 build180716 and later | Download link |
DS-2CD2X12FWD DS-2CD2X22FWD DS-2CD2X42FWD DS-2CD2X52F | V5.5.0 build170725 to V5.5.52 build180427 | V5.5.53 build180730 and later | Download link |
DS-2CD4x26EFWD DS-2CD4BxxFWD DS-2CD4CxxFWD DS-2CD4DxxFWD DS-2XMxxxx | V5.5.0 build170914 to V5.5.52 build180601 | V5.5.53 build180719 and later | Download link |
DS-2CD1x01-I | V5.5.5 build180207 to V5.5.52 build180620 | V5.5.53 build180717 and later | Download link |
DS-2CD1x23 | V5.5.2 build171013 to V5.5.52 build180522 | V5.5.53 build180713 and later | Download link |
DS-2CD1x21 | V5.5.4 build180104 to V5.5.52 build180626 | V5.5.53 build180717 and later | Download link |
HiLook:
Product Name | Affected Versions | Resolved Versions | Where to update firmware |
IPC-B100 IPC-D100 | V5.5.5 build180207 to V5.5.52 build180620 | V5.5.53 build180717 and later | Download link |
IPC-x120H IPC-T220H | V5.5.2 build171013 to V5.5.52 build180522 | V5.5.53 build180713 and later | Download link |
IPD*:
Product Name | Affected Versions | Resolved Versions | Where to update firmware |
DS-2DF5xxx DS-2DF6xxx DS-2DF7xxx DS-2DF8xxx DS-2DT6223 | V5.5.2 build171201 and previous versions* | V5.5.71 build180723 and later | Download link |
DS-2DE4xxxW DS-2DE5xxxW DS-2DE7xxxW | V5.5.6 build180408 and previous versions* | V5.5.71 build180725 and later | Download link |
* 2018/08/23 update: The affected versions of IPD do not include V5.4.0 and previous versions.
Obtaining fixed firmware:
Users should download the updated firmware to guard against this potential vulnerability. It is available on the Hikvision official website.
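The following inventory check is an added example, not part of the original notification or any Hikvision tooling. It classifies a camera's model and firmware string against four of the IPC rows listed above. Assumptions: a lowercase "x" in a product name stands for any single alphanumeric character, product names are matched as prefixes of the device model, versions are ordered by (major, minor, patch, build date), and the inventory entries are constructed sample values.

```python
import re

# Four of the IPC rows from the table above:
# (model patterns, first affected, last affected, first resolved).
ROWS = [
    (["DS-2CD2xx5", "DS-2CD2xx3"], "V5.5.0 build170725", "V5.5.52 build180511", "V5.5.61 build180718"),
    (["DS-2CD3xxx"], "V5.5.0 build170725", "V5.5.60 build180515", "V5.5.61 build180718"),
    (["DS-2CD1x23"], "V5.5.2 build171013", "V5.5.52 build180522", "V5.5.53 build180713"),
    (["DS-2CD1x21"], "V5.5.4 build180104", "V5.5.52 build180626", "V5.5.53 build180717"),
]

FW_RE = re.compile(r"V(\d+)\.(\d+)\.(\d+)\s+build\s*(\d{6})", re.IGNORECASE)

def parse_fw(text):
    """'V5.5.52 build180511' -> (5, 5, 52, 180511); ValueError if malformed."""
    m = FW_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    return tuple(int(g) for g in m.groups())

def model_matches(pattern, model):
    """Prefix match; each lowercase 'x' matches one alphanumeric (assumption)."""
    rx = "".join("[0-9A-Za-z]" if c == "x" else re.escape(c) for c in pattern)
    return re.match(rx, model.strip()) is not None

def classify(model, firmware):
    """Return 'affected', 'resolved', 'unlisted-version' or 'unlisted-model'."""
    fw = parse_fw(firmware)
    for patterns, first, last, fixed in ROWS:
        if any(model_matches(p, model) for p in patterns):
            if parse_fw(first) <= fw <= parse_fw(last):
                return "affected"
            if fw >= parse_fw(fixed):
                return "resolved"
            return "unlisted-version"  # below the range, or between it and the fix
    return "unlisted-model"

# Constructed inventory (model, firmware string); not real devices.
INVENTORY = [
    ("DS-2CD2185", "V5.5.52 build180511"),
    ("DS-2CD2143", "V5.5.61 build180718"),
    ("DS-2CD3145", "V5.5.60 build180520"),
    ("DS-2CD1123", "V5.4.5 build170401"),
]

if __name__ == "__main__":
    for model, fw in INVENTORY:
        print(f"{model:12} {fw:22} {classify(model, fw)}")
```

A result of "unlisted-version" means the notification does not state the status of that build, so it should be checked against the vendor's firmware page rather than assumed safe.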
Source of vulnerability information
This vulnerability was reported to HSRC by Ori Hollander of VDOO Connected Trust LTD., an Israeli security company focused on IoT security.
Contact Us
Should you have a security problem or concern, please contact Hikvision Security Response Center at [email protected].