InfoSecBulletin Cybersecurity for mankind
Hikvision, a top provider of network cameras, has issued firmware updates to fix a security vulnerability that could reveal users’ Dynamic DNS credentials. This issue impacts various Hikvision camera models and may allow attackers to access sensitive information or disrupt camera communication with the Dynamic DNS service.
The Vulnerability:
Eight New ICS Advisories released by CISA
Authority Denies
Hacker claim ransomware attack on Indonesia’s state bank BRI
London-based company “Builder.ai” reportedly exposed 1.2 TB data
(CVE-2024-12727, CVE-2024-12728, CVE-2024-12729)
Sophos resolved 3 critical vulnerabilities in Firewall
“Workshop on Cybersecurity Awareness and Needs Analysis” held at BBTA
CVE-2023-48788
Kaspersky reveals active exploitation of Fortinet Vulnerability
U.S. Weighs Ban on Chinese-Made Router TP-Link: WSJ reports
Daily Security Update Dated: 18.12.2024
CISA released best practices to secure Microsoft 365 Cloud environments
Data breach! Ireland fines Meta $264 million, Australia $50m
Older Hikvision network cameras relied on HTTP for communication with Dynamic DNS providers like DynDNS and NO-IP. This exposed usernames and passwords as they were sent in cleartext, making them vulnerable to interception.
Impact:
An attacker exploiting this vulnerability could:
Steal Dynamic DNS Credentials:
Capture usernames and passwords, potentially gaining unauthorized access to the user’s Dynamic DNS account.
Disrupt Communication:
Interfere with the camera’s connection to the Dynamic DNS service, preventing remote access to the camera.
Launch Further Attacks:
Use the compromised Dynamic DNS account to redirect traffic or launch other malicious activities.
Affected Products:
A wide range of Hikvision network camera models are affected, including:
DS-2CD1xxxG0, DS-2CD2xx1G0, DS-2CD3xx1G0, IPC-xxxxH (versions prior to V5.7.23 build241008)
DS-2CD29xxG0 (versions prior to V5.7.21 build240814)
DS-2CD1xxxG2, DS-2CD3xx1G2, HWI-xxxxHA, IPC-xxxxHA (versions prior to V5.8.4 build240613)
DS-2CD2xxxG2, DS-2CD3xxxG2 (versions prior to V5.7.18 build240826)
DS-2CD2xxxFWD (versions prior to V5.6.821 build240409)
Solution:
Hikvision fixed the vulnerability by releasing updated firmware that requires HTTPS communication with Dynamic DNS services. Affected camera users should update their firmware immediately.
