Published: 2024/10/30  Last Updated: 2024/10/30

JVN#11779839
Hikvision network camera security enhancement to prevent cleartext transmission of Dynamic DNS credentials

Overview

Hangzhou Hikvision Digital Technology Co., Ltd. provides firmware updates for multiple network cameras as a security enhancement. The updates change how the cameras communicate with Dynamic DNS services in order to prevent cleartext transmission.

Products Affected

  • DS-2CD1xxxG0 versions prior to V5.7.23 build241008
  • DS-2CD2xx1G0 versions prior to V5.7.23 build241008
  • DS-2CD3xx1G0 versions prior to V5.7.23 build241008
  • IPC-xxxxH versions prior to V5.7.23 build241008
  • DS-2CD29xxG0 versions prior to V5.7.21 build240814
  • DS-2CD1xxxG2 versions prior to V5.8.4 build240613
  • DS-2CD3xx1G2 versions prior to V5.8.4 build240613
  • HWI-xxxxHA versions prior to V5.8.4 build240613
  • IPC-xxxxHA versions prior to V5.8.4 build240613
  • DS-2CD2xxxG2 versions prior to V5.7.18 build240826
  • DS-2CD3xxxG2 versions prior to V5.7.18 build240826
  • DS-2CD2xxxFWD versions prior to V5.6.821 build240409

Description

Multiple network cameras provided by Hangzhou Hikvision Digital Technology Co., Ltd. support two Dynamic DNS services, DynDNS and NO-IP.
The user can select which one to use on the GUI configuration page.
Both services make their APIs accessible via HTTP and HTTPS, but old firmware versions of Hikvision devices only support HTTP.
This means the credential information is transmitted in unencrypted form.
As a security enhancement, new firmware versions are provided that communicate with the APIs via HTTPS only.

Impact

When an affected device is configured to use either Dynamic DNS service, the credential information of the service may be obtained or the communication between the device and the service may be altered by a man-in-the-middle attack.

Solution

Update the firmware
Update the firmware to the latest version according to the information provided by the developer.
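
The following is an added example, not code from JVN or the vendor: it triages a device inventory against the Products Affected list above and reports which entries still run firmware older than the listed fixed version. Assumptions: a lowercase x in a model pattern stands for one letter or digit, firmware strings are ordered by version number and then build number, and the inventory entries are constructed. When a model name matches more than one row, the highest fixed version is required.

```python
import re

# Rows copied from "Products Affected": (model pattern, first fixed firmware).
ADVISORY = [
    ("DS-2CD1xxxG0", "V5.7.23 build241008"),
    ("DS-2CD2xx1G0", "V5.7.23 build241008"),
    ("DS-2CD3xx1G0", "V5.7.23 build241008"),
    ("IPC-xxxxH", "V5.7.23 build241008"),
    ("DS-2CD29xxG0", "V5.7.21 build240814"),
    ("DS-2CD1xxxG2", "V5.8.4 build240613"),
    ("DS-2CD3xx1G2", "V5.8.4 build240613"),
    ("HWI-xxxxHA", "V5.8.4 build240613"),
    ("IPC-xxxxHA", "V5.8.4 build240613"),
    ("DS-2CD2xxxG2", "V5.7.18 build240826"),
    ("DS-2CD3xxxG2", "V5.7.18 build240826"),
    ("DS-2CD2xxxFWD", "V5.6.821 build240409"),
]

def parse_version(text):
    """'V5.7.23 build241008' -> (5, 7, 23, 241008); ValueError if malformed."""
    m = re.fullmatch(r"\s*V?(\d+)\.(\d+)\.(\d+)\s+build\s*(\d+)\s*", text, re.I)
    if not m:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    return tuple(int(g) for g in m.groups())

def matching_rows(model):
    """Advisory rows whose pattern matches the start of the model name."""
    # Assumption: lowercase 'x' is one letter or digit; order-code suffixes may follow.
    def to_regex(pattern):
        return "".join("[0-9A-Za-z]" if c == "x" else re.escape(c) for c in pattern)
    return [(p, v) for p, v in ADVISORY if re.match(to_regex(p), model.strip())]

def triage(model, firmware):
    """Return 'not-listed', 'update' or 'fixed' for one inventory entry."""
    rows = matching_rows(model)
    if not rows:
        return "not-listed"
    # Several rows can match (e.g. IPC-xxxxH and IPC-xxxxHA): require the highest fix.
    required = max(parse_version(fixed) for _, fixed in rows)
    return "update" if parse_version(firmware) < required else "fixed"

# Constructed sample inventory (model, running firmware); not real devices.
INVENTORY = [("DS-2CD1023G0-I", "V5.7.1 build230101"), ("DS-2CD2143G2-I", "V5.7.18 build240826"),
             ("IPC-T240HA", "V5.7.23 build241008"), ("DS-7608NI-K2", "V4.30.0 build200101")]

if __name__ == "__main__":
    for model, firmware in INVENTORY:
        print(f"{model:18} {firmware:22} {triage(model, firmware)}")
```

Entries reported as "update" that have DynDNS or NO-IP configured are the ones still sending the service credentials over HTTP.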

Vendor Status

Vendor: Hangzhou Hikvision Digital Technology Co., Ltd.
Link: Network Cameras - Network Products

Other Information

JVN iPedia JVNDB-2024-000116