Known Vulnerabilities for products from Hikvision
Listed below are 15 of the newest known vulnerabilities associated with the vendor "Hikvision".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Hikvision can be found at device.report : Hikvision
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36260 | A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, atta... | 9.8 - CRITICAL | 2021-09-22 | 2022-10-27 |
| CVE-2020-7057 | Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a different response for failed ISAPI/Security/sessionLogi... | 5.3 - MEDIUM | 2020-01-14 | 2020-01-24 |
| CVE-2018-6414 | A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted... | 9.8 - CRITICAL | 2018-08-13 | 2020-09-24 |
| CVE-2018-6413 | There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability all... | 7.5 - HIGH | 2018-04-18 | 2018-05-23 |
| CVE-2017-14953 | ** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigge... | 6.5 - MEDIUM | 2017-12-01 | 2023-11-07 |
| CVE-2017-13774 | Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors. | 7.8 - HIGH | 2017-08-30 | 2017-09-12 |
| CVE-2017-7923 | A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 1... | 8.8 - HIGH | 2017-05-06 | 2017-12-19 |
| CVE-2017-7921 | An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530,... | 10 - CRITICAL | 2017-05-06 | 2017-12-19 |
| CVE-2015-4409 | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to c... | 6.5 - MEDIUM | 2017-03-13 | 2017-03-14 |
| CVE-2015-4408 | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to c... | 6.5 - MEDIUM | 2017-03-13 | 2017-03-14 |
| CVE-2015-4407 | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to c... | 6.5 - MEDIUM | 2017-03-13 | 2017-03-14 |
| CVE-2014-4880 | Buffer overflow in Hikvision DVR DS-7204 Firmware 2.2.10 build 131009, and other models and versions, allows remote attackers... | 7.5 - HIGH | 2014-12-08 | 2014-12-08 |
| CVE-2013-4977 | Buffer overflow in the RTSP Packet Handler in Hikvision DS-2CD7153-E IP camera with firmware 4.1.0 b130111 (Jan 2013), and po... | 10 - HIGH | 2014-03-03 | 2017-08-29 |
| CVE-2013-4976 | Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentials | 9.8 - CRITICAL | 2019-12-27 | 2020-01-10 |
| CVE-2013-4975 | Hikvision DS-2CD7153-E IP Camera has Privilege Escalation | 8.8 - HIGH | 2019-12-27 | 2020-01-14 |
Known software with vulnerabilities from Hikvision
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Hikvision | Ds-2cd7153-e | - |
| Operating System | Hikvision | Ds-2cd7153-e Firmware | - |
| Hardware | Hikvision | Ds-7204hghi-f1 | - |
| Operating System | Hikvision | Ds-7204hghi-f1 Firmware | 4.0.1 |
| Application | Hikvision | Ivms-4200 | 2.6.2.6 |