InfoSecBulletin Cybersecurity for mankind
Hikvision, a top provider of network cameras, has issued firmware updates to fix a security vulnerability that could reveal users’ Dynamic DNS credentials. This issue impacts various Hikvision camera models and may allow attackers to access sensitive information or disrupt camera communication with the Dynamic DNS service.
The Vulnerability:
CVE-2024-51503
Trend Micro released updates for Deep Security Agent RCE
Apple Releases Patch for two Actively Exploited Zero-Day
Maxar Space Data Leak, Company admit, Investigation ongoing!
GitHub CLI Vulnerability Could Allow RCE
“Sarcoma” ransomware group
Hacker to disclose “Popular Life Insurance” 36 GB of stolen data
BugHunt 2024: A Milestone Cyber security Competition held at Dhaka
TP-Link DHCP Vulnerability Allow Attackers Takeover Routers Remotely
WSJ reports
T-Mobile hacked in massive breach of telecom networks
Palo Alto Networks Confirms critical RCE zero-day actively exploited
CISA, FBI Warns
Hacker compromised multiple teleco network at US
Older Hikvision network cameras relied on HTTP for communication with Dynamic DNS providers like DynDNS and NO-IP. This exposed usernames and passwords as they were sent in cleartext, making them vulnerable to interception.
Impact:
An attacker exploiting this vulnerability could:
Steal Dynamic DNS Credentials:
Capture usernames and passwords, potentially gaining unauthorized access to the user’s Dynamic DNS account.
Disrupt Communication:
Interfere with the camera’s connection to the Dynamic DNS service, preventing remote access to the camera.
Launch Further Attacks:
Use the compromised Dynamic DNS account to redirect traffic or launch other malicious activities.
Affected Products:
A wide range of Hikvision network camera models are affected, including:
DS-2CD1xxxG0, DS-2CD2xx1G0, DS-2CD3xx1G0, IPC-xxxxH (versions prior to V5.7.23 build241008)
DS-2CD29xxG0 (versions prior to V5.7.21 build240814)
DS-2CD1xxxG2, DS-2CD3xx1G2, HWI-xxxxHA, IPC-xxxxHA (versions prior to V5.8.4 build240613)
DS-2CD2xxxG2, DS-2CD3xxxG2 (versions prior to V5.7.18 build240826)
DS-2CD2xxxFWD (versions prior to V5.6.821 build240409)
Solution:
Hikvision fixed the vulnerability by releasing updated firmware that requires HTTPS communication with Dynamic DNS services. Affected camera users should update their firmware immediately.
