Powered by MOMENTUM MEDIA

Breaking news and updates daily. Subscribe to our Newsletter!

Breaking news and updates daily. Subscribe to our newsletter

ACSC flags risks across Hikvision devices

By Reporter
23 September 2021 | 1 minute read

Malicious cyber actors may assume full control over camera devices produced by the technology company, the ACSC has warned.

The Australian Cyber Security Centre (ACSC) has identified vulnerabilities in particular products developed by internet protocol camera manufacturer Hikvision.

According to the cyber agency, some Hikvision users may be susceptible to hacks from malicious actors, which may be capable of assuming full control of the vulnerable device.

Advertisement
Advertisement

Once assuming control, cyber actors may gain access to device functionality or target other devices on the same network in a bid to steal information or install malware.

Cyber criminals can reportedly exploit the devices by hacking web server exposed by the Hikvision device via the internet or a local WiFi network.

“It is common that these products are exposed to the internet to allow for remote monitoring or administration,” ACSC noted.

PROMOTED CONTENT

Hikvision has provided a list of affected products, which include the following models:

  • DS-2CVxxx1
  • DS-2CVxxx5
  • DS-2CVxxx6
  • HWI-xxxx
  • IPC-xxxx
  • DS-2CD1xx1

The ACSC noted that it is possible that other device manufacturers may leverage Hikvision hardware and firmware, and encouraged users to monitor individual vendors for relevant security advisories.

The agency has urged Australian owners of Hikvision products to consult the company’s security advisory and potentially apply firmware updates.

“As part of cyber security best practice Australian owners should, if possible, prevent such devices from being accessed from anywhere on the internet,” the ACSC concluded.

ACSC flags risks across Hikvision devices
cyber-hacker_850x480_csc.jpg
lawyersweekly logo
newsletter
cyber security subscribe
Be the first to hear the latest developments in the cyber security industry.
Regular Podcast Updates