Action Requested - Hikvision IP Camera Vulnerability
Date of Notice: 10/29/2021
Action Level - Critical
Description
MCNC would like to make you aware of a Hikvision IP camera vulnerability affecting the most recent software release, as well as code and products dating back to 2016. A successful attack gives the attacker complete control of the Hikvision device and makes lateral movement inside your network possible. Further, an attacker can create their own user accounts on the device with unrestricted access to it.
Affected Device
Numerous Hikvision IP camera products; the extensive list is on their website, linked here.
Attack Vector
The attacker needs network access. For this article, your webcams were discovered by scraping publicly available data sources.
Attack Feasibility
This attack hasn’t been fully revealed, as the security researcher is giving the community time to patch. It is indicated that this could end up packaged and sold to criminals.
Mitigations
Patches/upgrades are available on the vendor website; download and install these patches.
Explore the need to permit external access to webcams. Publicly available webcams are popular targets, and a compromised webcam could make its video feed freely available.
Remediation