
Overview

Hikvision, the Chinese manufacturer of video surveillance equipment, has addressed a critical security flaw in its Hybrid SAN (Cluster Storage) product.

This flaw could allow an attacker to obtain data recorded by Hikvision cameras or, depending on how the equipment has been set up, to access other business data.

Customers of Hikvision using Hybrid SAN equipment should check whether they are affected by this flaw and patch their equipment as soon as possible. If you are unsure whether your Hikvision equipment is affected, please speak to your service provider.

Detail

Hybrid SAN is a storage solution that enables users of Hikvision equipment to store CCTV footage.

This vulnerability (CVE-2023-28808) could allow an attacker to gain remote access to the Hybrid SAN storage equipment by obtaining administrator-level permissions. The attacker would potentially gain this access by sending their own crafted message to the affected device. With administrator-level permissions, the attacker could access or delete video recordings and other data, including backups. Owing to the far-reaching effects of a potential attack, this flaw has been categorised with a critical severity rating.

Seven Hybrid SAN devices have been identified as being affected by this vulnerability:

DS-A71024/48/72R, DS-A80624S, DS-A81016S, DS-A72024/72R, DS-A80316S, DS-A82024D, DS-A71024/48R-CVS. 

Recommended Action

Users of Hikvision equipment are strongly recommended to check whether they are using Hybrid SAN storage products and to visit the following website to apply the appropriate patch:

Hikvision – Security Notification

If you have any concerns, or have been affected by a cyber-related issue, report it to us by submitting a Cyber Concerns Online Reporting Form.

 

