Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for dvr_firmware by hikvision

    CVE-2023-28811 (GCVE-0-2023-28811)

    Vulnerability from nvd – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
    VLAI
    Summary
    There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
    Assigner
    Impacted products
    Vendor Product Version
    Hikvision iDS-EXXHUH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-EXXHGH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-EXXHQH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DVR-EXXHUH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DVR-EXXHGH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DVR-EXXHQH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHQH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHUH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHQH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHUH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHTH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-72XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-62XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-216Q-K2(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71XXHGH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-72XXHGH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71XXHGH-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-72XXHGH-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-1XXG-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXG-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-1XXG-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXG-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-51XXH(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-51XXH-G Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-51XXMH-G Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHQH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHQH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHQH-M/E(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHQH-M/E(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXQ-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXQ-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-61XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-61XXMH-G4(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHUH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHUH-M/E(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHUH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHUH-M/E(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXU-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXU-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-71XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-71XXMH-G4(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision NVR-2xxMH-C(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision NVR-1xxMH-C(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-42xxMH(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-41xxMH(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71xxNI-Q1(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71xxNI-Q1(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-1xxMH-D(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-1xxMH-D(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-21xxMH(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-21xxMH(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-76xxNI-Q1(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-76xxNI-Q2(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-76xxNI-K1(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-41xxMH(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-42xxMH(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-1xxMH-C(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-2xxMH-C(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-77xxNI-I4(B) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Credits
    Peter Szot @IOActive
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T13:51:38.312Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iDS-EXXHUH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-EXXHGH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-EXXHQH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DVR-EXXHUH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DVR-EXXHGH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DVR-EXXHQH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHQH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHUH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHQH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHUH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHTH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-72XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-62XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-216Q-K2(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71XXHGH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-72XXHGH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71XXHGH-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-72XXHGH-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-1XXG-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXG-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-1XXG-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXG-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-51XXH(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-51XXH-G",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-51XXMH-G",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHQH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHQH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHQH-M/E(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHQH-M/E(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXQ-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXQ-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-61XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-61XXMH-G4(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHUH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHUH-M/E(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHUH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHUH-M/E(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXU-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXU-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-71XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-71XXMH-G4(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "NVR-2xxMH-C(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "NVR-1xxMH-C(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-42xxMH(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-41xxMH(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71xxNI-Q1(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71xxNI-Q1(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-1xxMH-D(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-1xxMH-D(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-21xxMH(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-21xxMH(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-76xxNI-Q1(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-76xxNI-Q2(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-76xxNI-K1(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-41xxMH(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-42xxMH(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-1xxMH-C(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-2xxMH-C(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-77xxNI-I4(B)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Peter Szot @IOActive"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-30T06:38:47.200Z",
            "orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
            "shortName": "hikvision"
          },
          "references": [
            {
              "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
            }
          ],
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
        "assignerShortName": "hikvision",
        "cveId": "CVE-2023-28811",
        "datePublished": "2023-11-23T06:42:01.522Z",
        "dateReserved": "2023-03-23T19:49:08.440Z",
        "dateUpdated": "2024-08-02T13:51:38.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-28811 (GCVE-0-2023-28811)

    Vulnerability from cvelistv5 – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
    VLAI
    Summary
    There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
    Assigner
    Impacted products
    Vendor Product Version
    Hikvision iDS-EXXHUH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-EXXHGH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-EXXHQH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DVR-EXXHUH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DVR-EXXHGH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DVR-EXXHQH Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHQH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHUH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHQH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHUH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72XXHTH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-72XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-62XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-216Q-K2(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71XXHGH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-72XXHGH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71XXHGH-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-72XXHGH-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-1XXG-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXG-K(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-1XXG-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXG-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-51XXH(S) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-51XXH-G Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-51XXMH-G Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHQH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHQH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHQH-M/E(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHQH-M/E(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXQ-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXQ-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-61XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-61XXMH-G4(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHUH-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHUH-M/E(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-71xxHUH-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision iDS-72xxHUH-M/E(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXU-M(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-DVR-2XXU-M(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-71XXMH-G4 Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWD-71XXMH-G4(E) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision NVR-2xxMH-C(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision NVR-1xxMH-C(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-42xxMH(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-41xxMH(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71xxNI-Q1(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-71xxNI-Q1(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-1xxMH-D(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-1xxMH-D(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-21xxMH(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-21xxMH(D) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-76xxNI-Q1(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-76xxNI-Q2(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-76xxNI-K1(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-41xxMH(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HW-HWN-42xxMH(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-1xxMH-C(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision HL-NVR-2xxMH-C(C) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Hikvision DS-77xxNI-I4(B) Affected: Build date before 230821(Version before V4.1.60 are not affected)
    Create a notification for this product.
    Credits
    Peter Szot @IOActive
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T13:51:38.312Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "iDS-EXXHUH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-EXXHGH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-EXXHQH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DVR-EXXHUH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DVR-EXXHGH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DVR-EXXHQH",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHQH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHUH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHQH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHUH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72XXHTH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-72XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-62XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-216Q-K2(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71XXHGH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-72XXHGH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71XXHGH-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-72XXHGH-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-1XXG-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXG-K(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-1XXG-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXG-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-51XXH(S)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-51XXH-G",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-51XXMH-G",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHQH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHQH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHQH-M/E(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHQH-M/E(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXQ-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXQ-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-61XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-61XXMH-G4(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHUH-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHUH-M/E(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-71xxHUH-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "iDS-72xxHUH-M/E(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXU-M(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-DVR-2XXU-M(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-71XXMH-G4",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWD-71XXMH-G4(E)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "NVR-2xxMH-C(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "NVR-1xxMH-C(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-42xxMH(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-41xxMH(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71xxNI-Q1(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-71xxNI-Q1(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-1xxMH-D(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-1xxMH-D(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-21xxMH(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-21xxMH(D)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-76xxNI-Q1(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-76xxNI-Q2(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-76xxNI-K1(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-41xxMH(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HW-HWN-42xxMH(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-1xxMH-C(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "HL-NVR-2xxMH-C(C)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            },
            {
              "product": "DS-77xxNI-I4(B)",
              "vendor": "Hikvision",
              "versions": [
                {
                  "status": "affected",
                  "version": "Build date before 230821(Version  before  V4.1.60  are not affected)"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Peter Szot @IOActive"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-11-30T06:38:47.200Z",
            "orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
            "shortName": "hikvision"
          },
          "references": [
            {
              "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
            }
          ],
          "x_generator": {
            "engine": "cveClient/1.0.15"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
        "assignerShortName": "hikvision",
        "cveId": "CVE-2023-28811",
        "datePublished": "2023-11-23T06:42:01.522Z",
        "dateReserved": "2023-03-23T19:49:08.440Z",
        "dateUpdated": "2024-08-02T13:51:38.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }