Published:2024/01/18  Last Updated:2024/01/18

JVN#83655695
Multiple Dahua Technology products vulnerable to authentication bypass

Overview

Multiple products provided by Dahua Technology contain an authentication bypass vulnerability.

Products Affected

Versions with Build time before June 2021 for the following products are affected:

  • IPC-HX1XXX, HX2XXX, HX3XXX, HX5(4)(3)XXX, HX5XXX, HUM7XXX, HX8XXX
  • VTO75X95X, VTO65XXX
  • DHI-ASI7213Y-V3-T1
  • VTH542XH
  • PTZ Dome Camera SD1A1, SD22, SD49, SD50, SD52C, SD6AL
  • Thermal TPC-BF1241, TPC-BF2221, TPC-SD2221, TPC-BF5XXX, PC-SD8X21, TPC-PT8X21B

Description

Multiple products provided by Dahua Technology contain an authentication bypass vulnerability (CWE-287).

Impact

The product's identity verification may be bypassed if a remote attacker sends specially crafted data packets.

Solution

Update the software
Update the software to the latest version according to the information provided by the developer.

References

JPCERT/CC Addendum

The developer published DHCC-SA-202106-001 advisory regarding CVE-2021-33044 in September 2021. However it was decided to publish JVN#83655695 advisory because the reporter found that the vulnerability existed in other product/version which had not been originally listed in DHCC-SA-202106-001.

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score: 8.1
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)
CVSS v2 AV:N/AC:H/Au:N/C:C/I:C/A:C
Base Score: 7.6
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Credit

Mitsui Bussan Secure Directions, Inc. reported the vulnerability existed in "DHI-ASI7213Y-V3-T1" to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2021-33044
JVN iPedia JVNDB-2024-000007