![]() ![]() Hikvision released a firmware fix in March 2017 though IPVM stats show 60%+ of Hikvision cameras are still vulnerable (detailed below).ĭHS' ranking of this vulnerability as a 10/10 is even more understandable now that the simplicity of compromising these devices has been proven. Render hundreds of thousands of connected devices permanently unusable with just one simple http call.Īnd worst of all, one can download camera configuration:Īny accessible Hikvision camera with affected firmware is vulnerable to complete takeover or bricking. ![]() Because most Hikvision devices only protect firmware images by obfuscation, one can flash arbitrary code or Obtain a camera snapshot without authentication:Īll other HikCGI calls can be impersonated in the same way, including those that add new users or flash cameraįirmware. All that needed was appending this string to Hikvision camera commands:Īs the researcher explained in his disclosure: Retrieve a list of all users and their roles: Hikvision included a magic string that allowed instant access to any camera, regardless of what the admin password was. Inside this post, we examine how the exploit works, how it is being used, how what percentage of devices are vulnerable, and Hikvision's failure to respond to the exploit's release. We also show using password reset tool to take over a camera: We produced the following video, showing just how simple it is to utilize this exploit to retrieve an image snapshot and system information from a camera. Plus, IPVM has set up a vulnerable Hikvision IP camera so members can test and better understand the exploit.
0 Comments
Leave a Reply. |