It had come to our attention through our ProActive Monitoring systems that in the recent week, multiple HIKVISION IP Cameras in Singapore are under hacking attacked and had their password changed/settings reset to default.
Only some of the IP Cameras models are affected.
For Lakson Customers who had their CCTV Cameras purchased and installed by us and monitored under our ProActive monitoring system, we had already or are in the mids of taking proactive steps to patched up the vulnerabilities.
For those users of the systems who had purchased the system from other vendors, do take the necessary steps to upgrade the firmware for your systems. You may refer to the HIKVISION security bulletin below for the affected models and steps to take to update your IP Camera firmware. Do Immediately Upgrade your HIKVISION IP Camera Firmware to patch the vulnerability.
If you are using Grey Market devices, i.e. HIKVISION equipment meant for China Market with altered firmware, you’ll need to check with the oversea vendor your purchased the equipment from if they have any solution for this issues.
Thank you for your continued support.
Hikvision Security Advisory
September 22, 2017
Dear Valued Customers and Partners:
Reminder to apply known vulnerability patch
Early in March, Hikvision was made aware of a privilege-escalating vulnerability in certain IP cameras. Firmware update that resolves the issue has been readily available on the Hikvision website since mid-March. Please see the referred vulnerability information and links to updated firmware.
Recently, a few online reports on cyberattacks over part of Hikvision products have been brought to our attention. Regarding this, Hikvision reaffirms that updating all systems to the latest version is an effective way to prevent your equipment from being vulnerable to cyberattacks. We have provided the available solution and we urge all our partners and users to ensure that the firmware update is being applied to all the products in order to reinforce cybersecurity protection of Hikvision systems.
Hikvision takes cybersecurity concerns with the utmost seriousness and takes action everyday to ensure that our products are not only innovative, but they meet the highest standards of cybersecurity best practices.
Please check the above link and make sure that all cameras are running on the latest firmware. More information on the vulnerability and our resolution efforts can be found at Hikvision Security Center. Should you wish for assistance or have any other concerns about Hikvision products that you’d like to discuss, please contact Hikvision branch office, representatives or consult us at email@example.com.
Hikvision Digital Technology Co., Ltd.
Update on Privilege Escalating Vulnerability Notice-HQ
May 4, 2017
Dear Valued Customers and Partners:
Hikvision is honored to work with the U.S. Department of Homeland Security’s National Cybersecurity and Communications Integration Center in our ongoing cybersecurity best practice efforts.
We’re pleased to announce that Hikvision’s successful progress on a privilege-escalating vulnerability has been acknowledged by ISC-CERT (Industrial Control Systems Cyber Emergency Response Team). Specifically, ISC-CERT has recognized that on March 13, 2017 Hikvision released the fixed firmware version 5.4.41/5.4.71 to address the user privilege-escalating vulnerability on those particular affected camera models.
What do customers need to know about the privilege-escalating vulnerability? What steps should customers take to enhance the cybersecurity of Hikvision systems?
·Please review the March 13,2017 notice, which outlines potential cybersecurity concerns that could arise with specific cameras under certain, fairly uncommon circumstances. To date, Hikvision is not aware of any reports of malicious activity associated with this vulnerability. ·Hikvision always recommends a systematic, multi-step approach to enhance cybersecurity protection. To assist customers and partners, Hikvision offers a number of industry-leading cybersecurity resources. Please visit the Hikvision Security Center for more information.
·The Hikvision Network Security Hardening Guide is a new resource for installers.
Did ISC-CERT recommend further enhancements in future firmware upgrades?
·ISC-CERT specifically identified the area of potential concern about the “configuration file”.
Under what circumstances is there a concern with the configuration file? How will Hikvision address this concern?
·The configuration file is encrypted and is therefore not readable, and protects users’ credentials. Also, the configuration file can only be exported by the admin account. Hikvision appreciates ICS-CERT’s comment, and will enhance the private key decryption storage method in the upcoming firmware release.
Hikvision is proud to be at the forefront of the move to improve cybersecurity best practices in our industry. Cybersecurity must be top-of-mind throughout the product lifecycle, from R&D and manufacturing to installation and maintenance. Hikvision’s in-house cybersecurity experts are dedicated to constantly assessing and improving our products and our processes, and the Hikvision team provides market-leading cybersecurity education and support to our valued customers. We’re also actively engaged with our competitors and partners on collaborative cybersecurity efforts that benefit our entire industry.
Interoperability is key to the success of IP video technology. While it’s exciting to watch the ecosystem of video surveillance devices multiply, this also increases our cybersecurity challenges. Establishing interoperability standards for video surveillance should be a top priority and one that everyone in the surveillance industry needs to share.
If you have any questions or concerns about Hikvision products, please contact Hikvision branch office, representatives or consult us at firstname.lastname@example.org. For technical concerns, you may contact email@example.com.
Hikvision became aware of a privilege–escalating vulnerability that could potentially present a cybersecurity concern under certain, fairly uncommon circumstances. With this announcement, Hikvision would like to notify you that our R&D team has determined that a firmware update will be required to resolve this issue. The issue is resolved once the device is upgraded to the latest firmware.
What is the privilege-escalating vulnerability?
When a specific request code is used to access the IP cameras with particular firmware versions directly, it may allow attackers to obtain an unauthorized escalated additional user privilege to acquire or tamper with the device information.
Which Hikvision products could be affected and how are those cameras accessed?
This code error only affects the Hikvision IP cameras listed in the attached “Security Notification: Privilege-Escalating Vulnerability in Certain Hikvision IP Cameras.”
The overwhelming majority of Hikvision cameras are accessed through aconnected NVR, Hikvision iVMS software, or third-party VMS software. As such, it limits the possibility for Hikvision IP cameras to be open to public access, lowering the risk of the cybersecurity exposure. To date, Hikvision is not aware of any reports of malicious activity associated with this vulnerability.
How is Hikvision resolving this issue?
In the interest of protecting our customers from any potential cybersecurity threat, Hikvision is taking proactive action to make you aware of this issue, and to inform you of the firmware upgrade, readily available now, that resolves this issue.
What should users of these particular cameras do?
Hikvision is advising all users of these cameras to upgrade to the correct firmware version, which fixes this issue.
Please note, for the Affected Versions’ firmware listed in the table below, you may need a two-step upgrade process. We’ve packed all necessary firmware and a README text file into a single download file. Please follow the README instruction to upgrade your device’s firmware. If you’re still using HiDDNS service directly connected to your IP camera, please use v5.4.41 (v5.4.71 for DF series PTZ), which is packed in the download file. Starting with v5.4.5 (v5.4.9 for DF series PTZ) HiDDNS service is no longer supported, but only Hik-Connect is available.
Please refer to the table below.
Cybersecurity risk is one of the biggest ongoing challenges facing the security industry today. As your trusted partner, we believe it’s our responsibility to be vigilant and transparent about cybersecurity threats, to keep you informed, and to employ the industry’s best practices. We encourage our partners to take advantage of the many cybersecurity resources Hikvision offers, including the Hikvision Security Center – an industry-leading cybersecurity resource. At the Security Center you can find detailed information about the Hikvision Network and Information Security Lab, third-party and internal testing, and third-party certifications. Additionally, customers can also contact Tech Support or their Hikvision representative anytime with any concerns or questions.
Thank you for your continued support.