CVE-2025-66176
CVSS score: 8.8
Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: hsrc@hikvision.com (Secondary)
Description
There is a stack overflow vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Affected (28)
Products: Hikvision: Ds K1t331 Firmware, Ds K1t341a Firmware, Ds K1t341b Firmware, Ds K1t671 Firmware, Ds K5671 Firmware, Ds K1t672 Firmware, Ds K1t680 Firmware, Ds K1t981 Firmware, Ds K1t341c Firmware, Ds K1t670 Firmware, Ds K1t673 Firmware, Ds K1t8003 Firmware, Ds K1t804a Firmware, Ds K1t804b Firmware, Ds K1t201a Firmware, Ds K1t105a Firmware, Ds K1t342 Firmware, Ds K1t343 Firmware, Ds K1t344 Firmware, Ds K1t6qt F72 Firmware, Ds K1t6qt F43 Firmware, Ds K1t8005 Firmware, Ds K1t808 Firmware, Ds K1t320 Firmware, Ds K1t321 Firmware, Ds K1t323 Firmware, Ds K1t510 Firmware, Ds K5033 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t331 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t341a | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t341b | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t671 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K5671 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t672 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t680 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.7.80 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t981 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.3.180 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t341c | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t670 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t673 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
|  | Up to 1.4.21 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t8003 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 1.4.22 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t804a | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 1.4.23 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t804b | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 1.3.65 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t201a | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 1.3.65 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t105a | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t342 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t343 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t344 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t6qt F72 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.48.0 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t6qt F43 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.25.40 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t8005 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.25.40 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t808 | All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.9.40 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t320 | All versions |
Configuration Y
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 3.9.40 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t321 | All versions |
Configuration Z
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.23.41 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t323 | All versions |
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.23.41 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K1t510 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
|  | Before 4.37.40 |

| Running on/with | Platform Versions |
|---|---|
| Hikvision Ds K5033 | All versions |
References (2)
Source: hsrc@hikvision.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108