Hikvision IP Cameras Command Injection Vulnerability
Medium Severity
IoT Platform
Hikvision Vendor
Vulnerability, Attack Type
A Command Injection vulnerability in the web server of some Hikvision products.
Due to the insufficient input validation, an attacker can exploit the vulnerability to launch a command injection attack by sending crafted messages with malicious commands. Learn More »
Common Vulnerabilities and Exposures
Background
Hikvision is a leading provider of IoT sensor technologies such as IP cameras used by retail, energy, educational and military sectors. Back in December 2021, Fortinet posted a blog about this vulnerability on how attackers can take advantage of it. For more information, refer to the additional resources.
Threat Radar Overall Score: 4.2
CVSS Rating | 9.0 | |
Reconnaissance Score | 92/100 | |
KEV Catalog | Yes | |
EPSS | 97% | |
FortiGuard Telemetry | 14489 |
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
Sep 26, 2021: Security notification released by the vendor Dec 06, 2021: Mirai-based Botnet - Moobot Targets Hikvision Vulnerability, Threat Analysis by Fortinet https://www.fortinet.com/blog/threat-research/mirai-based-botnet-moobot-targets-hikvision-vulnerability
Aug 26, 2022: Tens of thousands of Hikvision IP cameras are still vulnerable to a critical, 11-month-old CVE, leaving thousands of organizations exposed. A recent research shows multiple hacking groups collaborating on exploiting Hikvision IP cameras using the command injection vulnerability (CVE-2021-36260) globally. FortiGuard Labs is seeing active exploitation attempts since the release of IPS signature back in Oct, 2021 and a significant uptick in the last few months.
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
-
Decoy VM
-
IPS
-
Web App Security
Decoy VM
IPS Blocks attack attempts related to Hikvision IP Cameras (CVE-2021-36260)
Web App Security Blocks attack attempts related to Hikvision IP Cameras (CVE-2021-36260)
-
IoT/IIoT Detection
-
Outbreak Detection
-
Threat Hunting
-
Content Update
IoT/IIoT Detection
Outbreak Detection
Threat Hunting
Content Update
-
Assisted Response Services
-
Automated Response
Assisted Response Services Experts to assist you with analysis, containment and response activities.
FortiRecon: ACI
Automated Response Services that can automaticlly respond to this outbreak.
FortiClient Forensics
-
InfoSec Services
InfoSec Services Security readiness and awareness training for SOC teams, InfoSec and general employees.
-
Attack Surface Monitoring (Inside & Outside)
Attack Surface Monitoring (Inside & Outside) Security reconnaissance and penetration testing services, covering both internal & external attack vectors, including those introduced internally via software supply chain.
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
Loading ...
Indicators of compromise
IOC Indicator List
Indicators of compromise
IOC Threat Activity
Last 30 days
Chg
Avg 0
Mitre Matrix
Click here for the ATT&CK Matrix
References
Sources of information in support and relation to this Outbreak and vendor.