- 양자 컴퓨팅 혁신 가속화… 아이온Q·앨리스앤밥, 기술 성과 공개
- '업무용 애플리케이션 만족한다' 23%에 불과··· AI 기반 개인화 알고리즘이 열쇠
- Preorder the OnePlus Watch 3 now and enjoy several discounts before it becomes available
- How Cybersecurity is Evolving in 2025 to Tackle New Threats
- 5 ways to boost your team's productivity - without relying on generative AI
Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras
On Sunday, video surveillance giant Hikvision posted a security advisory on its website warning customers of a cyber vulnerability that could impact millions of cameras and NVRs deployed globally.
The “command injection vulnerability” could allow threat actors to have complete control of compromised devices and was discovered by cybersecurity researcher Watchful IP in June and first reported on Monday by IPVM.
According to the security advisory, the vulnerability received a base score of 9.8 out of 10 per the Common Vulnerability Scoring System (CVSS), which Watchful IP called “the highest level of critical vulnerability.”
Although the video surveillance giant has not disclosed how many products are likely impacted, posting only product names and firmware versions, IPVM estimates that more than 100 million devices could be affected.
In a letter to its partners, Hikvision informed integrators to download an updated version of firmware on its website to remediate the vulnerability.
It also said: “We recognize that many of our partners may have installed Hikvision equipment that is affected by this vulnerability, and we strongly encourage you to work with your customers to ensure proper cyber hygiene and install the updated firmware.”
Hikvision also said that it worked with Watchful IP to patch the vulnerability. Additionally, the company has patched all vulnerabilities reported to the company in its latest firmware version.
“Hikvision is a CVE Numbering Authority (CNA) and has committed to continuing to work with third-party white-hat hackers and security researchers, to find, patch, disclose and release updates to products in a timely manner that is commensurate with our CVE CNA partner companies’ vulnerability management teams,” the letter adds.
“Hikvision strictly complies with the applicable laws and regulations in all countries and regions where we operate and our efforts to ensure the security of our products go beyond what is mandated.”
