How to find Hikvision IP cameras and recorders on your network

Updated

Latest Hikvision IP device vulnerability #

Newly published security research from Watchful IP reveals an unauthenticated code execution vulnerability (assigned CVE-2021-36260) present in many Hikvision networked video devices. With a "critical" CVSS score of 9.8, this vulnerability affects a long list of Hikvision products (captured in this security advisory) and may have been around for at least the past five years. An attacker only needs access to an open http(s) server port (e.g. 80, 443) on a vulnerable device in order to obtain a root-level shell, giving them total control of the device and providing a foothold for further access into internal networks.

Hikvision has published a security advisory for affected devices, which encourages device owners to update to the latest patched firmware. In addition to the Hikvision brand, this vulnerability is presumed to affect devices OEM'd by Hikvision through other vendors and sold under different brand names.

How to find Hikvision IP cameras and recorders #

From the Asset Inventory, use the following pre-built query to locate Hikvision devices in your network:

protocols:http AND (vendor:hikvision OR hw:hikvision)
Find Hikvision devices

As always, any prebuilt queries we create are available from our Queries Library. Check out the library for other useful inventory queries.

Written by Pearce Barry

More about Pearce Barry
Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.


Related Articles

Rapid Response
How to find SonicWall devices on your network
SonicWall disclosed a vulnerability in their SonicOS management access and SSLVPN products that could lead to unauthorized resource access, runZero...
Rapid Response
How to find D-Link DIR-846W routers on your network
D-Link has disclosed several vulnerabilities regarding their DIR-846W routers. Here's how to find them on your network.
Rapid Response
How to find Zyxel devices on your network
Zyxel disclosed a vulnerability in several Zyxel Wireless Access Point (WAP) and router devices. CVE-2024-7261 is rated extremely critical with...
Rapid Response
How to find AVTECH cameras on your network
Akamai disclosed a 0-day vulnerability in the AVTECH AVM1203 network camera. CVE-2024-7029 is rated high with CVSS score of 8.7.

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved