Backdoor found in Hikvision cameras

alastairstevenson said:
I think I might steal @montecrypto 's discovery and submit it to the "About Hikvision Security Response Center (HSRC)" Hikvision UK & Ireland and see if they will send me one of those new low-light IPCs that may rival the Dahua Starlight varifocal turret.
Click to expand...
I did this, to see what the response would be.
It was very quick, to the effect that they are already in the process of fixing it.
And that they'd seen the discussion about it on ipcamtalk.com
As they say in 'Person Of Interest' - "we are being watched!".
 
  • Like
Reactions: tommyd75 and fenderman
alastairstevenson said:
I did this, to see what the response would be.
It was very quick, to the effect that they are already in the process of fixing it.
And that they'd seen the discussion about it on ipcamtalk.com
As they say in 'Person Of Interest' - "we are being watched!".
Click to expand...

Love that show.


Sent from my iPhone using Tapatalk
 
Hello,

Regarding ,like said in previous post, that two of my caméras are chinese and still with 5.2.5 firmware, is it possible to allow only access to internet for output and block input . For example, i need to receive email notification for crossing Line ...
 
Stop fucking around on requesting new passwords on the Hikvision website!!!
You're only being very annoying and not able to get access on anything!!!

Could a mod please remove this topic, as it is only an invitation to some people trying to 'hack' into user accounts??
 
Kroegtijgertje said:
Stop fucking around on requesting new passwords on the Hikvision website!!!
You're only being very annoying and not able to get access on anything!!!

Could a mod please remove this topic, as it is only an invitation to some people trying to 'hack' into user accounts??
Click to expand...
Are you kidding me? No. It will not be removed. Why doesn't shitvision, oops, hikvision, who reads this site, FIX the damn problem.
 
Last edited:
  • Like
Reactions: nottooloud and nayr
Changing your profilename on the Hikvision website to something different than your profilename here on the forum will also fix the problem, right?
 
Kroegtijgertje said:
Changing your profilename on the Hikvision website to something different than your profilename here on the forum will also fix the problem, right?
Click to expand...
of course...the only way this works is if you use the same user name for hikvision and this site or any other website..
 
montecrypto said:
Hikvision gets two weeks to come forward, acknowledge, and explain why the backdoor is there and when it is going to be removed. I sent them an email. If nothing changes, I will publish all details on March 20th, along with the firmware that disables the backdoor.
Click to expand...
So...has anything been published yet? We're way past March 20th and I'm curious as well. :rolleyes:
 
He updated us in post #70

montecrypto said:
Update on the promised March 20 full disclosure date:

Per agreement with Hikvision I am delaying the disclosure. Hikvision promised to responsibly disclose and resolve the vulnerability. They are working with ICS-CERT and other organizations, and it is expected that more details will be communicated soon via those channels. If nothing is communicated in the next few weeks, I will proceed with full disclosure.
Click to expand...
 
Kroegtijgertje said:
So...has anything been published yet? We're way past March 20th and I'm curious as well. :rolleyes:
Click to expand...
this was posted above:
montecrypto said:
Update on the promised March 20 full disclosure date:

Per agreement with Hikvision I am delaying the disclosure. Hikvision promised to responsibly disclose and resolve the vulnerability. They are working with ICS-CERT and other organizations, and it is expected that more details will be communicated soon via those channels. If nothing is communicated in the next few weeks, I will proceed with full disclosure.
Click to expand...
 
alastairstevenson said:
And in response Hikvision issued a Security Notice - and updated firmware : Hikvision UK & Ireland
Click to expand...

Alastair, that is not the 'more details will be communicated' @montecrypto referred to on March 20th. The notice you cite occurred a week before that but lacks details as to what privileges can be escalated (i.e., as @montecrypto has stated "One can remotely escalate their privileges from anonymous web surfer to admin."). Hikvision has not yet acknowledged this publicly which is key to its level of severity. @montecrypto, will Hikvision be confirming that finding in their forthcoming announcement?
 
  • Like
Reactions: fenderman
montecrypto said:
There have been rumours... I would like to confirm that there is a backdoor in many popular Hikvision products that makes it possible to gain full admin access to the device.

Hikvision gets two weeks to come forward, acknowledge, and explain why the backdoor is there and when it is going to be removed. I sent them an email. If nothing changes, I will publish all details on March 20th, along with the firmware that disables the backdoor.

It would be wise to disconnect your cameras from the Internet.
Click to expand...



Hi how to identify the back door in Hikvision cameras,
And how to access the cameras without admin password...
 
@montecrypto can you confirm that the vulnerability is fixed in the latest Hikvision firmware V5.4.41 - V5.4.71?
 
1 how safe are the cameras if they are sitting behind an NVR?
2 The risk involved here is it linked to port forwarding?
Thanks
 
You must log in or register to reply here.
Top Bottom