#VU85940 Use of default credentials in DVR HVR-8781 - CVE-2024-22769

Cybersecurity Help s.r.o.

Published: 2024-01-31

Vulnerability identifier: #VU85940

Vulnerability risk: Critical

CVSSv4.0: 8.7 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2024-22769

CWE-ID: CWE-1392

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
DVR HVR-8781
Hardware solutions / Other hardware appliances

Vendor: Hitron Systems

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.

Note, the vulnerability is being actively exploited in the wild by the Mirai botnet.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

DVR HVR-8781: 1.03 - 4.02

External links
https://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
https://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Hitron Systems Security Camera DVRs