"More Than 80,000 Hikvision Cameras With Flaws Exposed Online"

Over 80,000 Hikvision cameras have been discovered to be vulnerable to a severe command injection flaw, which can be easily exploited by sending specially crafted messages to the vulnerable web server. Hikvision patched the vulnerability, known as CVE-2021-36260, in September 2021 with a firmware upgrade. However, according to a CYFIRMA whitepaper, tens of thousands of systems used by 2,300 businesses in 100 countries have yet to receive the security upgrade. Threat actors of all skill levels can search for and exploit publicly known vulnerabilities, one of which was released in October 2021 and the other in February 2022. In December 2021, the "Moobot" Mirai-based botnet used the specific exploit to rapidly expand and recruit systems into Distributed Denial-of-Service (DDoS) swarms. According to CISA, CVE-2021-36260 was one of the actively exploited issues on the list at the time, and the agency advised businesses to patch the vulnerability because it could allow attackers to take control of their systems. According to CYFIRMA, Russian-language hacker sites frequently sell network access points based on Hikvision cameras, which can be used for "botnetting" or lateral movement. Approximately 80,000 of the 285,000 Hikvision web servers with Internet access remained vulnerable. Most of them are found in China and the US. More than 2,000 vulnerable endpoints can be found in Vietnam, the UK, Ukraine, Thailand, South Africa, France, the Netherlands, and Romania. This article continues to discuss the vulnerability of Hikvision cameras.

CyberIntelMag reports "More Than 80,000 Hikvision Cameras With Flaws Exposed Online"

Submitted by Anonymous on