CVE-2025-66173
BaseFortify
Publication date: 2025-12-19
Last updated on: 2025-12-23
Assigner: Hangzhou Hikvision Digital Technology Co., Ltd.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hikvision | ds-7104hghi-f1_firmware | to 4.30.122_201107 (inc) |
| hikvision | ds-7104hghi-f1 | * |
| hikvision | ds-7204hghi-f1_firmware | to 4.30.122_201107 (inc) |
| hikvision | ds-7204hghi-f1 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a privilege escalation issue in certain Hikvision DVR/NVR devices caused by improper authentication on the serial port. An attacker with physical access to the device can connect to the serial port and gain access to an unrestricted shell environment, allowing them to escalate their privileges on the device. [1]
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker with physical access to gain unrestricted shell access to the affected device, potentially compromising confidentiality, integrity, and availability of the device and its data. This could lead to unauthorized control, data theft, or disruption of device operations. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability requires physical access to the device's serial port to be exploited. Detection involves verifying if your Hikvision DVR/NVR devices are among the affected models (e.g., DS-7104HGHI-F1, DS-7204HGHI-F1) and checking their firmware versions to see if they are at or below V4.30.122_201107. There are no specific network commands to detect this vulnerability remotely since it is a physical access issue. To detect it on the device, you would need to physically access the serial port and attempt to authenticate or access the shell environment, but no explicit commands are provided in the advisory for detection. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to update the affected Hikvision DVR/NVR devices to the fixed firmware versions released by Hikvision that address this vulnerability. Additionally, restrict physical access to the devices' serial ports to prevent unauthorized exploitation. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.