- Messages
- 5,170
- Points
- 113
We are just now learning of a vulnerability in HikVision wireless cameras where the Wi-Fi has not been used.
The cameras ship with a default wi-fi network connection configured - which uses the SSID davinci.
It is possible for somebody to configure such a network and gain access to the unused/default wi-fi connection to the camera.
If you have such a HikVision wireless camera:
Step 1 - Please update it to the latest available firmware
Step 2 - disable the Wi-Fi / remove the default SSID
Full vulnerability disclosure details here - Full Disclosure: CVE-2017-14953 - Hikvision Wi-Fi IP Cameras associate to a default unencrypted rogue SSIDs in a wired configuration
HikVision's product advisory notice on this davinci wireless vulnerability is attached below.
Hat tip to IPVM.com:
Hikvision Vulnerability Permits Wi-Fi Attack
The cameras ship with a default wi-fi network connection configured - which uses the SSID davinci.
It is possible for somebody to configure such a network and gain access to the unused/default wi-fi connection to the camera.
If you have such a HikVision wireless camera:
Step 1 - Please update it to the latest available firmware
Step 2 - disable the Wi-Fi / remove the default SSID
Full vulnerability disclosure details here - Full Disclosure: CVE-2017-14953 - Hikvision Wi-Fi IP Cameras associate to a default unencrypted rogue SSIDs in a wired configuration
HikVision's product advisory notice on this davinci wireless vulnerability is attached below.
Hat tip to IPVM.com:
Hikvision Vulnerability Permits Wi-Fi Attack