Security Vulnerabilities in Hikvision NVR Devices
SN No. HSRC-202404-01
Edit: Hikvision Security Response Center (HSRC)
Initial Release Date: 2024-04-02
Summary:
1. There is a NULL pointer dereference vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality.
2. There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality.
3. There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands.
Hikvision recommends users set up complex device passwords to mitigate the possibility of the above vulnerabilities being exploited.
CVE ID:
CVE-2024-29947
CVE-2024-29948
CVE-2024-29949
Scoring:
CVSS v3.1 is adopted in scoring these vulnerabilities
(http://www.first.org/cvss/specification-document)
CVE-2024-29947
Base score: 2.7 (CVSS:3.1/ AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L)
CVE-2024-29948
Base score: 3.8 (CVSS:3.1/ AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L)
CVE-2024-29949
Base score: 7.2 (CVSS:3.1/ AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Affected Versions and Fixes:
Product Name |
Affected by |
Affected Versions |
DS-7604NI-K1 / 4P(B) |
CVE-2024-29947 & CVE-2024-29949
|
V4.30.096 build221220 and the versions prior to it |
DS-7604NXI-K1/4P |
CVE-2024-29948
|
V4.76.005 build231012 and the versions prior to it |
DS-76xxNI-Mx DS-77xxNI-Mx DS-96xxxNI-Mxx
DS-76xxNXI-Ix DS-77xxNXI-Ix DS-86xxNXI-Ix DS-96xxNXI-Ix
iDS-76xxNXI-Mx iDS-77xxNXI-Mx iDS-96xxxMXI-Mxx |
CVE-2024-29949 |
Versions after V5.00.000 (including V5.00.000) and before V5.02.006(not including V5.02.006) |
DS-7604NI-M1/4P
|
Versions after V5.00.000 (including V5.00.000) and before V5.01.070(not including V5.01.070) |
Obtaining Fixed Versions
Users can download patches/updates on the Hikvision official website.
Source of vulnerability information
These vulnerabilities were reported to HSRC by Team.ENVY (KITRI BoB 12th).
Contact Us
To report any security issues or vulnerabilities in Hikvision products and solutions, please contact Hikvision Security Response Center at hsrc@hrbaojie.com.
Hikvision would like to thank all security researchers for your attention to our products.
This Security Notice is released and updated based on Hikvision's current investigation results and is subject to changes.
hrbaojie.com uses strictly necessary cookies and related technologies to enable the website to function. With your consent, we would also like to use cookies to observe and analyse traffic levels and other metrics / show you targeted advertising / show you advertising on the basis of your location / tailor our website's content. For more information on cookie practices please refer to our cookie policy.
You are using a web browser we don’t support. Please try one of the following options to have a better experience of our web content.