SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-541722841] Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras

| Date | Type | Platform | Author | EDB-ID | CVE-ID | OSVDB-ID | Download App | SIS Signature |
|---|---|---|---|---|---|---|---|---|
| 2017-05-04 | Other | Dahua Technology | Researcher Bashis disclosed these vulnerabilities without coordination with ICS-CERT. | N/A | CVE-2017-7927, CVE-2017-7925 | N/A | N/A | N/A |

Source

						
							
								
#
# Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras
#


### VULNERABLE VENDOR
Dahua Technology


### VULNERABLE PRODUCT
Digital Video Recorders and IP Cameras



### RESEARCHER
Researcher Bashis disclosed these vulnerabilities without coordination with ICS-CERT.



### AFFECTED PRODUCTS

The following Dahua Technology Co., Ltd (Dahua) network cameras are affected:

DH-IPC-HDBW23A0RN-ZS,
DH-IPC-HDBW13A0SN,
DH-IPC-HDW1XXX,
DH-IPC-HDW2XXX,
DH-IPC-HDW4XXX,
DH-IPC-HFW1XXX,
DH-IPC-HFW2XXX,
DH-IPC-HFW4XXX,
DH-SD6CXX,
DH-NVR1XXX,
DH-HCVR4XXX, and
DH-HCVR5XXX.

The following Dahua Digital Video Recorders (DVRs) are affected:

DHI-HCVR51A04HE-S3,
DHI-HCVR51A08HE-S3, and
DHI-HCVR58A32S-S2.



### IMPACT

Successful exploitation of these vulnerabilities could allow the attacker to obtain user credentials, including password hashes, and use these credentials to bypass authentication.



### VULNERABILITY OVERVIEW

USE OF PASSWORD HASH INSTEAD OF PASSWORD FOR AUTHENTICATION CWE-836
A vulnerability in which the password hash is used for authentication instead of the password was identified; it could allow a malicious user to bypass authentication without obtaining the actual password.
CVE-2017-7927 has been assigned to this vulnerability.
A CVSS v3 base score of 7.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).
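
A generic illustration of CWE-836, added here and not taken from the advisory, the researcher, or Dahua firmware: a login check that accepts the stored hash as the credential, beside one that derives a salted key from the submitted password on the server. All function names and the sample password are constructed assumptions; the advisory does not describe the devices' actual protocol.

```python
import hashlib
import hmac
import os

# Constructed sample value; not taken from any real device.
SAMPLE_PASSWORD = "correct horse battery staple"


def weak_enroll(password: str) -> str:
    """Weak design: store an unsalted digest that is also the login secret."""
    return hashlib.sha256(password.encode()).hexdigest()


def weak_login(stored_hash: str, client_value: str) -> bool:
    """CWE-836: the client submits the hash itself, so the stored value is
    password-equivalent and anyone who can read it can log in."""
    return hmac.compare_digest(stored_hash, client_value)


def strong_enroll(password: str, iterations: int = 200_000):
    """Store a per-user random salt and a slow salted derivation."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, key


def strong_login(record, client_password: str) -> bool:
    """The server derives the key from the submitted password on every login;
    the stored key is never accepted as input."""
    salt, iterations, key = record
    candidate = hashlib.pbkdf2_hmac("sha256", client_password.encode(), salt, iterations)
    return hmac.compare_digest(key, candidate)


def stored_value_is_password_equivalent() -> dict:
    """Replay each scheme's stored value as the credential and report the result."""
    weak_record = weak_enroll(SAMPLE_PASSWORD)
    strong_record = strong_enroll(SAMPLE_PASSWORD)
    return {
        "weak_accepts_stored_hash": weak_login(weak_record, weak_record),
        "strong_accepts_stored_key": strong_login(strong_record, strong_record[2].hex()),
        "strong_accepts_password": strong_login(strong_record, SAMPLE_PASSWORD),
    }


if __name__ == "__main__":
    print(stored_value_is_password_equivalent())
```

The hardened form sends the password itself to the server, so it assumes an encrypted transport such as TLS.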


PASSWORD IN CONFIGURATION FILE CWE-260
A vulnerability in which a password is stored in a configuration file was identified; it could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.
CVE-2017-7925 has been assigned to this vulnerability.
A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).





### BACKGROUND

Critical Infrastructure Sector(s): Commercial Facilities, Critical Manufacturing, Financial, Government Facilities, and Transportation Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: China




### MITIGATION

Dahua has released updated firmware to mitigate these vulnerabilities.

Updated software can be obtained from Dahua technical support or an authorized Dahua distributor.

In addition, Dahua released the following security notifications for users:

Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders (March 6)


Cybersecurity Statement - March 6, 2017


Cybersecurity Vulnerability Update - March 8, 2017


Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders (April 3)


Dahua's original notification specifies 11 affected models, but after initial testing, Dahua has identified additional series and models in the following security notification:

Security Notification DHCC-201703-01