
    Buffer Overflow Vulnerability in Hikvision NVR/DVR Devices


    SN No. HSRC-202311-01

    Edit: Hikvision Security Response Center (HSRC)

    Initial Release Date: 2023-11-17

     

    Summary

    Hikvision has released a patch to fix a buffer overflow vulnerability in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

     

    CVE ID

    CVE-2023-28811

     

    Scoring

    CVSS v3.1 was used in scoring this vulnerability (http://www.first.org/cvss/specification-document).

     

    Base score: 7.4 (AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)

     


    Affected Versions and Fixes

     

     

    Product Name / Affected Versions / Fix Download

    DVR

    iDS-EXXHUH

    DS-EXXHGH

    iDS-EXXHQH

    DVR-EXXHUH

    DVR-EXXHGH

    DVR-EXXHQH

    iDS-72XXHQH-M(C)

    iDS-72XXHUH-M(C)

    iDS-72XXHQH-M(E)

    iDS-72XXHUH-M(E)

    iDS-72XXHTH-M(C)

    HW-HWD-72XXMH-G4

    HW-HWD-62XXMH-G4

    HL-DVR-216Q-K2(E)

    DS-71XXHGH-M(C)

    DS-72XXHGH-M(C)

    DS-71XXHGH-K(S)

    DS-72XXHGH-K(S)

    HL-DVR-1XXG-K(S)

    HL-DVR-2XXG-K(S)

    HL-DVR-1XXG-M(C)

    HL-DVR-2XXG-M(C)

    HW-HWD-51XXH(S)

    HW-HWD-51XXH-G

    HW-HWD-51XXMH-G

    iDS-71xxHQH-M(C)

    iDS-71xxHQH-M(E)

    iDS-72xxHQH-M/E(C)

    iDS-72xxHQH-M/E(E)

    HL-DVR-2XXQ-M(C)

    HL-DVR-2XXQ-M(E)

    HW-HWD-61XXMH-G4

    HW-HWD-61XXMH-G4(E)

    iDS-71xxHUH-M(C)

    iDS-72xxHUH-M/E(C)

    iDS-71xxHUH-M(E)

    iDS-72xxHUH-M/E(E)

    HL-DVR-2XXU-M(C)

    HL-DVR-2XXU-M(E)

    HW-HWD-71XXMH-G4

    HW-HWD-71XXMH-G4(E)

    Affected Versions: Build date before 230821 (versions before V4.1.60 are not affected)

    Fix Download: Version build date after 230821

    NVR

    NVR-2xxMH-C(D)

    NVR-1xxMH-C(D)

    HW-HWN-42xxMH(D)

    HW-HWN-41xxMH(D)

    DS-71xxNI-Q1(C)

    DS-71xxNI-Q1(D)

    HL-NVR-1xxMH-D(C)

    HL-NVR-1xxMH-D(D)

    HW-HWN-21xxMH(C)

    HW-HWN-21xxMH(D)

    DS-76xxNI-Q1(C)

    DS-76xxNI-Q2(C)

    DS-76xxNI-K1(C)

    HW-HWN-41xxMH(C)

    HW-HWN-42xxMH(C)

    HL-NVR-1xxMH-C(C)

    HL-NVR-2xxMH-C(C)

    DS-77xxNI-I4(B)

    Affected Versions: Build date before 230821 (versions before V4.1.60 are not affected)

    Fix Download: Version build date after 230821
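
    Added example, not part of the Hikvision advisory: a triage of a device inventory against the affected-version rule in the table above. The series list is a subset of the table, the inventory is constructed, and reading "XX"/"xx" as two digits and build dates as YYMMDD integers are assumptions.

```python
import re

# Subset of the series names in the advisory table; add the remaining rows for
# full coverage. Assumption: "XX"/"xx" in a series name stands for two digits.
ADVISORY_SERIES = [
    "iDS-72XXHQH-M(C)", "DS-72XXHGH-K(S)", "HW-HWD-51XXH-G",
    "DS-76xxNI-Q1(C)", "DS-76xxNI-K1(C)", "DS-77xxNI-I4(B)",
]
FIRST_AFFECTED_VERSION = (4, 1, 60)  # versions before V4.1.60 are not affected
BOUNDARY_BUILD = 230821              # YYMMDD build date named in the advisory

def series_regex(series):
    """Compile a series name into an exact, case-insensitive model matcher."""
    parts = re.split("xx", series, flags=re.IGNORECASE)
    return re.compile(r"\d\d".join(re.escape(p) for p in parts), re.IGNORECASE)

PATTERNS = [series_regex(s) for s in ADVISORY_SERIES]

def parse_version(text):
    """'V4.1.60' -> (4, 1, 60); raises ValueError on any other shape."""
    m = re.fullmatch(r"[Vv]?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(g) for g in m.groups())

def triage(model, version, build):
    """Classify one device against the advisory's version and build-date rule."""
    if not any(p.fullmatch(model.strip()) for p in PATTERNS):
        return "not-listed"   # not in the (subset) table: review by hand
    if parse_version(version) < FIRST_AFFECTED_VERSION:
        return "not-affected"
    if build < BOUNDARY_BUILD:
        return "affected"
    if build > BOUNDARY_BUILD:
        return "fixed"
    return "verify"           # the advisory only says "before"/"after" 230821

# Constructed sample inventory: (model, firmware version, build date YYMMDD)
INVENTORY = [
    ("DS-7608NI-Q1(C)", "V4.1.70", 230510),
    ("DS-7608NI-K1(C)", "V4.1.70", 231102),
    ("DS-7616NI-Q1(C)", "V4.1.50", 221201),
    ("DS-7732NI-I4(B)", "V4.1.60", 230821),
    ("EXAMPLE-CAM-01", "V5.5.82", 190909),
]

if __name__ == "__main__":
    for model, version, build in INVENTORY:
        print(f"{model:18} {version:8} {build}  {triage(model, version, build)}")
```

    A device that comes back "not-listed" or "verify" needs a manual check against the full table and the firmware download page.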

     

    Obtaining Fixed Versions

    Users can download patches/updates on the Hikvision official website or contact support@hrbaojie.com.

     

    Source of Vulnerability Information:

    The vulnerability was reported to HSRC by Sergio Ruiz of the IOActive team.

     

    Contact Us:

    To report any security issues or vulnerabilities in Hikvision products and solutions, please contact the Hikvision Security Response Center at hsrc@hrbaojie.com.

    Hikvision would like to thank all security researchers for your attention to our products.

     

    2023-11-17 V1.0 INITIAL

    2023-11-29 V1.1 UPDATED: Updated Affected Versions
