[CIVN-2022-0486] Security Bypass Vulnerability in Hikvision Wireless Bridge Products

Severity Rating: CRITICAL

Software Affected

DS-3WF0AC-2NT Versions below V1.1.0

DS-3WF01C-2N/O Versions below V1.0.4

Overview

A vulnerability has been reported in Hikvision Wireless Bridge Products, which could allow an attacker to bypass security restrictions on the targeted system.

Description

This vulnerability exists in Hikvision Wireless Bridge Products due to improper parameter handling by the bridges web management interface. An attacker could exploit this vulnerability by sending specially crafted messages to the affected devices.

Successful exploitation of this vulnerability could allow an attacker to bypass security restrictions on the targeted system.

Solution

Upgrade to the latest versions of Hikvision Products as mentioned in the vendor advisory.

https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/

Vendor Information

Hikvision

https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/

References

https://www.securityweek.com/critical-vulnerability-hikvision-wireless-bridges-allows-cctv-hacking

https://www.hikvision.com/en/support/cybersecurity/security-advisory/access-control-vulnerability-in-some-hikvision-wireless-bridge-products/

CVE Name

CVE-2022-28173

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

[CIVN-2022-0486] Security Bypass Vulnerability in Hikvision Wireless Bridge Products

About Cert Advisory

Related Posts

Popular Posts

Facebook

Blog Archive