Denial of service in Hikvision Cameras

Published: 2014-11-28 00:00:00
Severity: Low
Patch available: YES
Number of vulnerabilities: 3
CVE ID: CVE-2014-4878
CVE-2014-4879
CVE-2014-4880
CVSSv3: 6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CWE ID: CWE-120
Exploitation vector: Network
Public exploit: Not available
Vulnerable software: DS-8100HFHI-SL(ST)
DS-7300HFHI-SL(ST)
DS-7200HFHI-SL(ST)(SE)
DS-7600HI-ST
DS-7104NI-SL/W
DS-7100NI-SL
DS-8100HCI(HFSI)(HWSI)-SH
DS-7600NI-SN(/N)(/P)
DS-7100NI-SN(/N)(/P)
DS-6700HFI(-SATA)
DS-6700HWI(-SATA)
DS-8100HDI-ST
DS-7300HI-ST
DS-7300HFI-ST
DS-7204HWI-SV
DS-7200HVI-SH
DS-7200HWI-Ex/C/F
DS-8100HQHI-SH
DS-8100HGHI-SH
DS-7300HQHI-SH
DS-7300HGHI-SH
DS-7200HQHI-SH
DS-7200HGHI-SH
DS-7100HQHI-SH
DS-7100HGHI-SH
DS-7200HWI-SV
DS-76/77xxNI-SP
DS-96xxNI-XT
DS-96xxNI-RT
DS-76/77/86/96xxNI-ST
DS-90/91xxHFI-XT
DS-90/91xxHFI-RT
DS-80/81/90/91/92xxHWI-ST
DS-80/81/90/91xxHFI-ST
DS-7700NI-E4(/N)(/P)
DS-7600NI-E2(/N)(/P)
DS-7600NI-E1(/N)(/P)
DS-7600NI-V(VP)
DS-7600NI-SE(/N)(/P)
DS-7300HWI(HFI)-SH
DS-7300HWI-E4(/C)
DS-7200HWI-E2(/C)
DS-7200HWI-E1(/C)
DS-7200HVI-SV
DS-7200HFI-SH
DS-7200HWI-SH(SL)
DS-7100HVI-SL(SH)
DS-7100HWI-SL(SH)
Hikvision DVR/NVR Firmware
Vendor URL: Hikvision

Security Advisory

1) Buffer overflow

Description

The vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition on the target system.

The weakness exists due to a buffer overflow in the RTSP Packet Handler. A remote attacker can send a specially crafted packet using the Range parameter of the RTSP transaction, trigger memory corruption and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install the update from the vendor's website.

External links

http://www.hikvision.com/en/Press-Release-details_435_i853.html

2) Buffer overflow

Description

The vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition on the target system.

The weakness exists due to a buffer overflow in the RTSP Packet Handler. A remote attacker can send a specially crafted packet using the Range parameter of the RTSP transaction, trigger memory corruption and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install the update from the vendor's website.

External links

http://www.hikvision.com/en/Press-Release-details_435_i853.html

3) Buffer overflow

Description

The vulnerability allows a remote attacker to cause a denial-of-service (DoS) condition on the target system.

The weakness exists due to a buffer overflow in the RTSP Packet Handler. A remote attacker can send a specially crafted packet using the Range parameter of the RTSP transaction, trigger memory corruption and cause the service to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install the update from the vendor's website.

External links

http://www.hikvision.com/en/Press-Release-details_435_i853.html
