An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HHikvision Ds 2cd2032 I
HWHikvisionwszystkie wersjeHikvision Ds 2cd2032 I Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2112 I
HWHikvisionwszystkie wersjeHikvision Ds 2cd2112 I Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2132 I
HWHikvisionwszystkie wersjeHikvision Ds 2cd2132 I Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2212 I5
HWHikvisionwszystkie wersjeHikvision Ds 2cd2212 I5 Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2232 I5
HWHikvisionwszystkie wersjeHikvision Ds 2cd2232 I5 Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2312 I
HWHikvisionwszystkie wersjeHikvision Ds 2cd2312 I Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2332 I
HWHikvisionwszystkie wersjeHikvision Ds 2cd2332 I Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2412f I\(w\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2412f I\(w\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2432f I\(w\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2432f I\(w\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2512f I\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2512f I\(s\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2532f I\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2532f I\(s\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2612f I\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2612f I\(s\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2632f I\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2632f I\(s\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2712f I\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2712f I\(s\) Firmware
OSHikvisionwszystkie wersjeHikvision Ds 2cd2732f I\(s\)
HWHikvisionwszystkie wersjeHikvision Ds 2cd2732f I\(s\) Firmware
OSHikvisionwszystkie wersje
CISA KEV — detailsi
- Vendori
- Hikvision
- Producti
- Multiple Products
- Added to KEVi
- March 5, 2026
- Remediation deadline (US Federal)i
- March 26, 2026(overdue)
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.
Related vulnerabilities
A Password in Configuration File issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to...
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input v...
Buffer overflow w wtyczce przeglądarki Hikvision LocalServiceComponents
Some Hikvision Hybrid SAN/Cluster Storage products have an access control vulnerability which can be used to o...
The web server of some Hikvision wireless bridge products have an access control vulnerability which can be us...