CVE-2025-66176
Unknown Unknown - Not Provided
Stack Overflow in Hikvision Access Control Search Causes Device Malfunction

Publication date: 2026-01-13

Last updated on: 2026-03-18

Assigner: Hangzhou Hikvision Digital Technology Co., Ltd.

Description
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-03-18
Generated
2026-06-16
AI Q&A
2026-01-13
EPSS Evaluated
2026-06-14
NVD
CVE-2025-66176
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
hikvision access_control *
hikvision nvr *
hikvision dvr *
hikvision cvr *
hikvision ipc *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-66176 is a stack overflow vulnerability in the Search and Discovery feature of some Hikvision Access Control products. An attacker on the same local area network (LAN) can exploit this by sending specially crafted packets to the device, causing it to malfunction. [1]

Impact Analysis

If exploited, this vulnerability can cause the affected Hikvision device to malfunction, impacting its confidentiality, integrity, and availability. The attack requires only adjacent network access, has low complexity, and does not require privileges or user interaction, making it a high-severity risk. [1]

Detection Guidance

The vulnerability can be detected by monitoring for specially crafted packets sent to the device's Search and Discovery feature over the local area network (LAN). However, no specific detection commands or tools are provided in the available resources. [1]

Mitigation Strategies

Immediate mitigation steps include applying the patches and updates provided by Hikvision for the affected Access Control devices. Additionally, restricting LAN access to trusted devices and monitoring network traffic for suspicious packets can help reduce risk. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66176. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart