- Messages
- 5,156
- Points
- 113
Hikvision have declared a vulnerability that affects the below devices, and recommends that you update your device(s) to the latest available firmware ASAP.
The affected devices are listed below:
Affected Versions
You should be able to find new firmware for your device by navigating from here
Hikvision has issued a patch, available on our website, to fix a vulnerability (CVE-2023-48121) in some Hikvision products.
The vulnerability has been rated as 8.2 using the CVSS v3.1 calculator. The list of products affected by the vulnerability can be found in our Security Notification. While Hikvision is not aware of this vulnerability being exploited in the field, we recognize that many of our partners may have installed Hikvision equipment that is affected by this vulnerability and we strongly encourage them to work with their customers to install the patch and ensure proper cyber hygiene. Unpatched devices are not vulnerable unless Hik-Connect is enabled, however, Hikvision recommends the patch be installed regardless of the use of Hik-Connect.
The vulnerability is found in an SDK developed by EZVIZ, which is integrated into a Hik-Connect module for cloud-related services.
Hikvision takes cybersecurity very seriously and has a long track record of responsibly and publicly disclosing vulnerabilities and patches. The company strictly complies with the laws and regulations in all countries and regions where we operate, and we apply the highest standards of cybersecurity practices in an effort to best protect the users of Hikvision products around the world.
The affected devices are listed below:
Affected Versions
No | Product Name | Affected Versions |
1 | DS-2CV1xxx | build date before 231108 |
2 | DS-2CV2xxx | build date before 231108 |
3 | DS-2CD1xxx | build date before 230614 |
4 | DS-2CD2xxx | build date before 231110 |
5 | DS-2CD2xxx-W | build date before 230831 |
6 | DS-2CD3xxx | build date before 210429 |
7 | HWI-xxxx | build date before 231108 |
8 | IPC-xxx | build date before 230614 |
9 | DS-2DE4xxx | build date before 230519 |
10 | DS-2DE2Axx | build date before 230612 |
11 | iDS-EXXHUH DS-EXXHGH iDS-EXXHQH DVR-EXXHUH DVR-EXXHGH DVR-EXXHQH | V4.71.210 build date before 230825 |
12 | iDS-72XXHQH-M(C) iDS-72XXHUH-M(C) iDS-72XXHQH-M(E) iDS-72XXHUH-M(E) iDS-72XXHTH-M(C) HW-HWD-72XXMH-G4 HW-HWD-62XXMH-G4 HL-DVR-216Q-K2(E) | V4.71.110 build date before 230823 |
13 | DS-71XXHGH-M(C) DS-72XXHGH-M(C) DS-71XXHGH-K(S) DS-72XXHGH-K(S) HL-DVR-1XXG-K(S) HL-DVR-2XXG-K(S) HL-DVR-1XXG-M(C) HL-DVR-2XXG-M(C) HW-HWD-51XXH(S) HW-HWD-51XXH-G HW-HWD-51XXMH-G iDS-71xxHQH-M(C) iDS-71xxHQH-M(E) iDS-72xxHQH-M/E(C) iDS-72xxHQH-M/E(E) HL-DVR-2XXQ-M(C) HL-DVR-2XXQ-M(E) HW-HWD-61XXMH-G4 HW-HWD-61XXMH-G4(E) iDS-71xxHUH-M(C) iDS-72xxHUH-M/E(C) iDS-71xxHUH-M(E) iDS-72xxHUH-M/E(E) HL-DVR-2XXU-M(C) HL-DVR-2XXU-M(E) HW-HWD-71XXMH-G4 HW-HWD-71XXMH-G4(E) | V4.71.131 build date before 230913 |
14 | DS-76xxNI-Q1(/xP)(D) DS-76xxNI-Q2(/xP)(D) DS-77xxNI-Q4(/xP)(D) DS-76xxNXI-K1(/xP)(B) NVR-2xx(M)H(-xP)-C(D) NVR-1xx(M)H(-xP)-C(D) HW-HWN-42xx(M)H(-xP)(D) HW-HWN-41xx(M)H(-xP)(D) | V4.75.000 build date before 230620 |
15 | DS-71xxNI-Q1(/xP)(/M)(D) DS-76xxNI-Q1(C) DS-76xxNI-Q2(C) DS-76xxNI-K1(C) HL-NVR-1xx(M)H-D(D) HW-HWN-21xx(M)H(-xP)(D) HW-HWN-41xxMH(C) HW-HWN-42xxMH(C) HL-NVR-1xxMH-C(C) HL-NVR-2xxMH-C(C) | V4.74.100 build date before 230707 |
16 | DS-76xxNI-K2 DS-77xxNI-K4 | V4.74.205 build date before 230712 |
17 | HL-NVR-EXXMH-D/4P(SSD 1T) HL-NVR-EXXMH-D/4P(SSD 2T) DS-EXXNI-Q1(SSD 1T) DS-EXXNI-Q1(SSD 2T) | V4.30.075 build date before 230925 |
You should be able to find new firmware for your device by navigating from here