Experts Warn of Widespread Exploitation Involving Hikvision Cameras

Both government and criminal hacking groups are still targeting Hikvision cameras with a vulnerability from 2021, according to reports from several security researchers. From a report: Cybersecurity firm CYFIRMA released a report this week saying Russian cybercriminal forums are awash with hackers looking to collaborate on exploiting Hikvision cameras using the command injection vulnerability CVE-2021-36260. "Specifically in the Russian forums, we have observed leaked credentials of Hikvision camera products available for sale," the company's researchers said. "These can be leveraged by hackers to gain access to the devices and exploit further the path of attack to target an organization's environment." CYFIRMA reported they found that more than 80,000 Hikvision cameras are still vulnerable to the critical command injection flaw, which carries a CVSS score of 9.8 out of 10. Of the more than 80,000 vulnerable cameras, more than 100 nations and 2,300 organizations are impacted.

Re:

[Aighearach]

Hick is not a race. Neither is trailer trash.

Re:

[Tablizer]

It's arguably "ethnicism" but too few would know what you meant.

Re:

[Aighearach]

Yeah, go tell a hick he's ethnic, see how far that gets you.

Re:

[Tablizer]

"eth-hick"?

VLANS

[xeoron]

Camera systems should be on their own VLAN.

Re: VLANS

[TheMeuge]

Agreed. The cheap and cheerful Chinese cameras phone home a lot. My cameras are on their own VLAN and have no internet access. They can only stream to the recording device locally and that's it.

How explotable is this?

[ukoda]

From what I can tell this is only a problem if you expose the cameras to the Internet. If they are behind a firewall on a LAN there should be no issue, or am I missing something in my understanding of this vulnerability?

I only access my cameras from my LAN but worry that some Chinese firmware in them may be contacting remote servers opening an exploit path that way. However I am assuming that is not this issue in this case.

Already being used

[quonset]

Here we have a clear example [9gag.com] of the nefarious purposes to which hackers can exploit this vulnerability

No updates

[Dr.Wizard]

And there are no firmware updates and doesn't look like there ever will be.

Hickvision?

[Tablizer]

...so only red states are vulnerable?

-6 Regional Bigotry

Vulnerability?

[abagelgoeswoof]

ChiCom orders backdoors built into anything and everything that they can. While most of us believe we have a right to privacy, there isn't a single government that fully recognizes that right. HikVision has to obey ChiCom.