It appears R6 is vulnerable? From someone who reached out to Hikvision UK:Those look to be IPC_R0 and IPC_R6 and you should be fine.
Hikvision UK said:Yes, your model is not on the initial list of affected cameras, but in reality, this issue will affect almost all Hikvision cameras as most of them are not running firmware with a build time more recent than 210625 (25th June 2021). If you go back to that vulnerability post you will see that I have updated the fixed firmware table today with more models that were not on the initial list.
Currently, Hikvision has not published a fixed firmware for R6 cameras (2x22FWD, 2x42FWD) like the one you have, but there should be a new version posted in the next couple of days.
I should also point out that we are based in the UK so all the firmware I have linked to in that table is from the UK & EU portals and those versions may not be compatible with US camera models.
If you can't get a response from US Hikvision support then I would just keep monitoring the product page because the fixed firmware should be posted publicly soon.
This (5.5.114) is regarding that firmware based on G5 (C) models and has the led lights into it ;-) I'm not sure if 5.5.800 (for the remove of the vulnerabilities) for the firmware based on G3 (non-C) models also remove the LED part. That was for sure the case in de (C) model firmware, but i haven't installed this new firmware on my G3 firmware devices.
I note that HikVision has posted a new firmware for the R0 cameras on the European site, 3 days ago. The previous update was in 2017. I'm wondering if they're not listed as vulnerable because they're considered obsolete products? Or maybe there's a closely-related error they've decided to fix.
It's a genuine software bug.
Way more than that!