Critical flaw in Hikvision storage solution exposes video data

This week, Hikvision released a patch for a critical vulnerability affecting its cluster storage and Hybrid SAN products.



The vulnerability, tracked as CVE-2023-28808, is described as an access control issue: by sending specially crafted messages to a target device, an attacker can obtain administrative privileges on it.

The affected products are commonly used by organizations to store security camera footage, and an attacker exploiting the vulnerability could gain access to that data.

In a notice sent to partners, Hikvision said that the vulnerability has not been exploited in the wild.

“Although this vulnerability has not been exploited in practice, some of our partners may have installed Hikvision equipment affected by the vulnerability, and we strongly recommend that customers install the patch and take appropriate security measures,” Hikvision said.

According to Arko Dhar, CTO of Redinent, the India-based CCTV and IoT cybersecurity company that discovered the vulnerability, many of the affected systems are exposed to the internet and can be exploited remotely.

“Hybrid SAN storage is mainly used to store CCTV video recordings. But it can also be configured to store business data. The scope of influence is very wide. An attacker can simultaneously delete video recordings and business data, delete backups, and cause significant business impact,” warned Dhar.

Redinent researchers discovered the vulnerability in December 2022 and reported it to the vendor through CERT India in January 2023.

On April 10, Hikvision announced that the fix is included in version 2.3.8-8 for Hybrid SAN devices and version 1.1.4 for cluster storage devices. The company also provides detailed instructions for installing the updates.
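As an added example, not code from the article or from Hikvision: a small Python helper that checks an inventory of storage devices against the two fixed versions quoted above. It assumes that firmware version strings follow the `2.3.8-8` / `1.1.4` form shown in the article (dotted release, optional `-N` build suffix ordered after the dotted part), that any version older than the fixed one is unpatched, and uses product keys and hostnames that are constructed for illustration.

```python
import re

# Fixed firmware versions stated by Hikvision on April 10 (from the article).
# Product keys are constructed labels for this example, not vendor identifiers.
PATCHED_VERSIONS = {
    "hybrid_san": "2.3.8-8",
    "cluster_storage": "1.1.4",
}

# Matches "2.3.8-8" or "1.1.4"; the "-8" is treated as a build number.
_VERSION_RE = re.compile(r"(\d+(?:\.\d+)*)(?:-(\d+))?")


def version_key(s):
    """Turn a version string into a comparable tuple.

    Assumption: the dotted part is padded to four fields so that "2.3.8"
    and "2.3.8.0" compare equal, and the "-N" build suffix is appended
    last so "2.3.8-7" < "2.3.8-8" < "2.3.9".
    """
    m = _VERSION_RE.fullmatch(s.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {s!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (4 - len(parts))
    build = int(m.group(2)) if m.group(2) else 0
    return tuple(parts) + (build,)


def needs_patch(product, installed):
    """True if the installed version is older than the fixed version."""
    if product not in PATCHED_VERSIONS:
        raise ValueError(f"unknown product: {product!r}")
    return version_key(installed) < version_key(PATCHED_VERSIONS[product])


def audit(inventory):
    """Return hostnames of devices that still need the CVE-2023-28808 fix.

    `inventory` is an iterable of (hostname, product, installed_version).
    """
    return [host for host, product, ver in inventory if needs_patch(product, ver)]


# Constructed sample inventory for demonstration; not real devices.
SAMPLE_INVENTORY = [
    ("nvr-store-01", "hybrid_san", "2.3.7-2"),
    ("nvr-store-02", "hybrid_san", "2.3.8-8"),
    ("cluster-01", "cluster_storage", "1.1.4"),
    ("cluster-02", "cluster_storage", "1.0.9"),
]

if __name__ == "__main__":
    for host in audit(SAMPLE_INVENTORY):
        print(f"{host}: unpatched, update required")
```

Feed `audit()` the version strings your devices report (for example from an asset database or a management console export); a device is flagged only when its parsed version sorts below the fixed version for its product family, so a later build such as `2.3.8-9` or `1.1.4-1` is treated as already fixed.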
