RCE Vulnerability in Hikvision Cameras (CVE-2021-36260)

Original release date: September 28, 2021 | Last revised: September 29, 2021

Hikvision has released updates to mitigate a command injection vulnerability—CVE-2021-36260—in Hikvision cameras that use a web server service. A remote attacker could exploit this vulnerability to take control of an affected device.

CISA encourages users and administrators to review Hikvision’s Security Advisory HSRC-202109-01 and apply the latest firmware updates. See security researcher Watchful IP’s technical blogpost for more information.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next Google Releases Security Updates for Chrome »

Previous « CISA and NSA Release Guidance on Selecting and Hardening VPNs

Multiple Vulnerabilities in OpenSSL

Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …

22 hours ago

Continuing Threats to Home Users

Systems Affected Continuing Threats to Home Users View Previous Alerts Alert (SA04-079A) Continuing Threats…

2 days ago

Cross-Domain Vulnerability in Outlook Express MHTML Protocol Handler

Systems Affected Microsoft Windows systems Overview A cross-domain vulnerability in the Outlook…

3 days ago

Summary of Windows Security Updates for April 2004

Systems Affected Systems running Microsoft Windows Overview There are multiple vulnerabilities in…

4 days ago

Multiple Vulnerabilities in Microsoft Products

Systems Affected Microsoft Windows Operating Systems Microsoft Windows Remote Procedure Call (RPC) and Distributed…

5 days ago

Cisco IOS SNMP Message Handling Vulnerability

Systems Affected Cisco routers and switches running vulnerable versions of IOS. Vulnerable IOS versions known…

6 days ago

This website uses cookies.