Known Vulnerabilities for products from Hikvision
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Hikvision".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Hikvision can be found at device.report : Hikvision
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-25064 json | 4.3 - MEDIUM | 2024-03-02 | 2024-03-04 | |
| CVE-2024-25063 json | 7.5 - HIGH | 2024-03-02 | 2024-03-04 | |
| CVE-2023-28813 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-23 | 2023-11-30 |
| CVE-2023-28812 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-11-23 | 2023-11-30 |
| CVE-2023-28811 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-11-23 | 2023-12-08 |
| CVE-2023-28810 json | Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attacke... | 4.3 - MEDIUM | 2023-06-15 | 2023-06-30 |
| CVE-2023-28809 json | Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID ... | 7.5 - HIGH | 2023-06-15 | 2023-09-05 |
| CVE-2023-28808 json | Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin... | 9.8 - CRITICAL | 2023-04-11 | 2023-04-24 |
| CVE-2023-6895 json | Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to obtain the admin... | 9.8 - CRITICAL | 2023-12-17 | 2024-01-02 |
| CVE-2022-28173 json | The web server of some Hikvision wireless bridge products have an access control vulnerability which can be used to obtain th... | 9.8 - CRITICAL | 2022-12-19 | 2022-12-29 |
| CVE-2022-28172 json | The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the in... | 6.1 - MEDIUM | 2022-06-27 | 2023-02-23 |
| CVE-2022-28171 json | The web module in some Hikvision Hybrid SAN/Cluster Storage products have the following security vulnerability. Due to the in... | 9.8 - CRITICAL | 2022-06-27 | 2023-08-02 |
| CVE-2021-36260 json | A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, atta... | 9.8 - CRITICAL | 2021-09-22 | 2022-10-27 |
| CVE-2020-7057 json | Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a different response for failed ISAPI/Security/sessionLogi... | 5.3 - MEDIUM | 2020-01-14 | 2020-01-24 |
| CVE-2018-6414 json | A buffer overflow vulnerability in the web server of some Hikvision IP Cameras allows an attacker to send a specially crafted... | 9.8 - CRITICAL | 2018-08-13 | 2020-09-24 |
| CVE-2018-6413 json | There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability all... | 7.5 - HIGH | 2018-04-18 | 2018-05-23 |
| CVE-2017-14953 json | ** DISPUTED ** HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigge... | 6.5 - MEDIUM | 2017-12-01 | 2023-11-07 |
| CVE-2017-13774 json | Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors. | 7.8 - HIGH | 2017-08-30 | 2017-09-12 |
| CVE-2017-7923 json | A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 1... | 8.8 - HIGH | 2017-05-06 | 2017-12-19 |
| CVE-2017-7921 json | An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530,... | Not Provided | 2017-05-06 | 2026-04-22 |
Known software with vulnerabilities from Hikvision
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Hikvision | Ds-2cd7153-e | - |
| Operating System | Hikvision | Ds-2cd7153-e Firmware | - |
| Hardware | Hikvision | Ds-7204hghi-f1 | - |
| Operating System | Hikvision | Ds-7204hghi-f1 Firmware | 4.0.1 |
| Application | Hikvision | Ivms-4200 | 2.6.2.6 |