Hikvision Security Vulnerability
I recently read this about some Hikvision cameras: "Unpatched units are susceptible to remote hijacking, and the attacker doesn’t need a username or password to break in. All that’s needed is access to a couple of standard Internet ports."
Here is the URL to the article: https://www.forbes.com/sites/leemathews/2021/09/22/widely-used-hikvision-security-cameras-vulnerable-to-remote-hijacking/ . Hikvision says that have updated firmware to fix this.
It looks like if either HTTP (80) or HTTPS (443) ports are forwarded to a Hikvision camera then it could be remotely hacked. Given I don't do this and just have the port that SS5 uses I'm not too worried.
Here is the URL to the article: https://www.forbes.com/sites/leemathews/2021/09/22/widely-used-hikvision-security-cameras-vulnerable-to-remote-hijacking/ . Hikvision says that have updated firmware to fix this.
It looks like if either HTTP (80) or HTTPS (443) ports are forwarded to a Hikvision camera then it could be remotely hacked. Given I don't do this and just have the port that SS5 uses I'm not too worried.
Comments
-
This is why I have my cameras isolated on their own vlan isolated from the internet as discussed here: https://bensoftware.com/blog/segregating-ip-cameras-on-their-own-lan/
Most IoT devices are subject to security weakness.
