Over 80,000 Hikvision Cameras Remain Unpatched and Vulnerable to Attack

Tens of thousands of Hikvision cameras are vulnerable to attack despite a firmware update being released to close the security hole last year.

As Bleeping Computer reports, the vulnerability relates to a flaw known as CVE-2021-36260. It’s described as a “command injection vulnerability” that allows an attacker to “launch a command injection attack by sending some messages with malicious commands,” and it was made possible by insufficient input validation.

In a recent report (PDF), cybersecurity company Cyfirma found that over 80,000 Hikvision cameras remained unpatched and were therefore susceptible to being exploited to gain network access. So far, two known exploits are being used against the cameras, which were taken advantage of in December last year to help spread the Moobot botnet. Access to networks is also being sold on Russian-speaking hacking forums, with the access made possible by unpatched Hikvision cameras connected to those networks.

According to The Register, the security flaw is present on more than 70 different models of Hikvision’s cameras. They have been purchased and used by over 2,300 organizations spread across more than 100 countries. Cyfirma’s analysis revealed the largest number of unpatched cameras are located in China (12,690) and the US (10,611). The other countries in the top 10 include Vietnam, the UK, Ukraine, Thailand, South Africa, France, the Netherlands, and Romania.

Cyfirma believes Chinese cybercriminal groups APT41 and APT10, as well as unknown Russian groups, “could potentially exploit vulnerabilities in these devices to fulfill their motives (which may include specific geo-political considerations).” Cyfirma also believes the number of cyberattacks is only set to increase due to the current “geopolitical driven cyberwarfare brewing across the world.” It’s therefore imperative that organizations using Hikvision cameras install the latest firmware as soon as possible; it can be found on the Hikvision website.
