Search
Find a vulnerability
Search criteria
2 vulnerabilities found for dvr_firmware by hikvision
CVE-2023-28811 (GCVE-0-2023-28811)
Vulnerability from nvd – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
VLAI
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity
7.4 (High)
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | iDS-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-EXXHGH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-EXXHQH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHGH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHQH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHQH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHUH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHQH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHUH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHTH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-72XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-62XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-216Q-K2(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71XXHGH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-72XXHGH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71XXHGH-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-72XXHGH-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-1XXG-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXG-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-1XXG-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXG-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXH(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXH-G |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXMH-G |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHQH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHQH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHQH-M/E(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHQH-M/E(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXQ-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXQ-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-61XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-61XXMH-G4(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHUH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHUH-M/E(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHUH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHUH-M/E(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXU-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXU-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-71XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-71XXMH-G4(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | NVR-2xxMH-C(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | NVR-1xxMH-C(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-42xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-41xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71xxNI-Q1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71xxNI-Q1(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-D(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-D(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-21xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-21xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-Q1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-Q2(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-K1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-41xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-42xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-C(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-2xxMH-C(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-77xxNI-I4(B) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDS-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHTH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-72XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-62XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-216Q-K2(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXMH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-2xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-1xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q2(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-K1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-2xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-77xxNI-I4(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Szot @IOActive"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T06:38:47.200Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28811",
"datePublished": "2023-11-23T06:42:01.522Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28811 (GCVE-0-2023-28811)
Vulnerability from cvelistv5 – Published: 2023-11-23 06:42 – Updated: 2024-08-02 13:51
VLAI
Summary
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Severity
7.4 (High)
Assigner
References
1 reference
Impacted products
59 products
| Vendor | Product | Version | |
|---|---|---|---|
| Hikvision | iDS-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-EXXHGH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-EXXHQH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHUH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHGH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DVR-EXXHQH |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHQH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHUH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHQH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHUH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72XXHTH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-72XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-62XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-216Q-K2(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71XXHGH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-72XXHGH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71XXHGH-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-72XXHGH-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-1XXG-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXG-K(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-1XXG-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXG-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXH(S) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXH-G |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-51XXMH-G |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHQH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHQH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHQH-M/E(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHQH-M/E(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXQ-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXQ-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-61XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-61XXMH-G4(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHUH-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHUH-M/E(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-71xxHUH-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | iDS-72xxHUH-M/E(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXU-M(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-DVR-2XXU-M(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-71XXMH-G4 |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWD-71XXMH-G4(E) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | NVR-2xxMH-C(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | NVR-1xxMH-C(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-42xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-41xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71xxNI-Q1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-71xxNI-Q1(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-D(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-D(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-21xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-21xxMH(D) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-Q1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-Q2(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-76xxNI-K1(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-41xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HW-HWN-42xxMH(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-1xxMH-C(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | HL-NVR-2xxMH-C(C) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
|
| Hikvision | DS-77xxNI-I4(B) |
Affected:
Build date before 230821(Version before V4.1.60 are not affected)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.312Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iDS-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHUH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHGH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DVR-EXXHQH",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72XXHTH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-72XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-62XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-216Q-K2(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-72XXHGH-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-K(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-1XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXG-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH(S)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-51XXMH-G",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHQH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHQH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXQ-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-61XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-71xxHUH-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "iDS-72xxHUH-M/E(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-DVR-2XXU-M(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWD-71XXMH-G4(E)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-2xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "NVR-1xxMH-C(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-71xxNI-Q1(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-D(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-21xxMH(D)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-Q2(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-76xxNI-K1(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-41xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HW-HWN-42xxMH(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-1xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "HL-NVR-2xxMH-C(C)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
},
{
"product": "DS-77xxNI-I4(B)",
"vendor": "Hikvision",
"versions": [
{
"status": "affected",
"version": "Build date before 230821(Version before V4.1.60 are not affected)"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Peter Szot @IOActive"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-30T06:38:47.200Z",
"orgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"shortName": "hikvision"
},
"references": [
{
"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerability-in-hikvision-nvr-dvr-devices/"
}
],
"x_generator": {
"engine": "cveClient/1.0.15"
}
}
},
"cveMetadata": {
"assignerOrgId": "da451dce-859b-4e51-8b87-9c8b60d19b32",
"assignerShortName": "hikvision",
"cveId": "CVE-2023-28811",
"datePublished": "2023-11-23T06:42:01.522Z",
"dateReserved": "2023-03-23T19:49:08.440Z",
"dateUpdated": "2024-08-02T13:51:38.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}