virus logo Intrusion Prevention

Hikvision.Access.Control.Products.Session.Hijacking

description-logoDescription

This indicates an attack attempt to exploit a Session Hijacking vulnerability in Hikvision Access Control products.
The vulnerability is due to allowing the forging of session ID. A remote attacker can exploit this to hijack a valid user session and perform device operations.

affected-products-logoAffected Products

Hikvision DS-K1T804AXX Versions below V1.4.0_build221212 (including V1.4.0_build221212)
Hikvision DS-K1T341AXX Versions below V3.2.30_build221223 (including V3.2.30_build221223)
Hikvision DS-K1T671XXX Versions below V3.2.30_build221223 (including V3.2.30_build221223)
Hikvision DS-K1T343XXX Versions below V3.14.0_build230117 (including V3.14.0_build230117)
Hikvision DS-K1T341C Versions below V3.3.8_build230112 (including V3.3.8_build230112)
Hikvision DS-K1T320XXX Versions below V3.5.0_build220706 (including V3.5.0_build220706)

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-11-07 26.672
Modified
 Default_action:pass:drop
2023-10-30 25.667
New

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-14
ID 54265
Created Oct 19, 2023
Updated Oct 30, 2023
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Exploit Prediction Score 0.17%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type Permission/Privilege/Access Control