Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras
The “command injection vulnerability” could allow threat actors to have complete control of compromised devices and was discovered by cybersecurity researcher Watchful IP in June and first reported on Monday by IPVM.
According to the security advisory, the vulnerability received a base score of 9.8 out of 10 per the Common Vulnerability Scoring System (CVSS), which Watchful IP called “the highest level of critical vulnerability.”
Although the video surveillance giant has not disclosed how many products are likely impacted, posting only product names and firmware versions, IPVM estimates that more than 100 million devices could be affected.
In a letter to its partners, Hikvision informed integrators to download an updated version of firmware on its website to remediate the vulnerability.
It also said: “We recognize that many of our partners may have installed Hikvision equipment that is affected by this vulnerability, and we strongly encourage you to work with your customers to ensure proper cyber hygiene and install the updated firmware.”
Hikvision also said that it worked with Watchful IP to patch the vulnerability. Addition ..
Support the originator by clicking the read the rest link below.