Subscriber Discussion

Hikvision Fooling Users To Believe They Have Latest Firmware

UE
Undisclosed End User #1
Sep 12, 2017

Ok, to what I know that the latest firmware for my IPC is: V5.4.5 Build 170123

Currently I'm running: V5.4.3 build 160705

 

There is a button on "Configuration -> System Settings -> Basic Information" called "Update".

Clicking on the button to check if i should update Firmware or I have latest, and the message says "No detect new versions, the current version is the latest".

 

WTF?

Why have a button to check latest Firmware, when it always reporting "You have latest", when I for fact do know I don't have?

----

IPVM UPDATE - Hikvision response below:

This function, thru the P2P servers, is regional. It has not been implemented in North America at this time. I cannot speak for other regions.

There has been inconsistency in which products/firmware versions have the button also.

The message that "you have the latest" is not properly worded. If the server does not have any firmware, it will provide that reply. We have requested that future firmware releases have more specific responses based upon the server firmware availability.

In this case, the message should be "Firmware for this model is not available on the server, please contact your Hikvision Support Representative for further information"

(3)
U
Undisclosed #2
Sep 12, 2017

(1)
(18)
UE
Undisclosed End User #1
Sep 12, 2017

Love it! That was very popular in most communities about 10-15 years ago, but I always smile on this sentence after I saw my ex employer saw this message on his HP printers LCD, after I uploaded with PJL. (no I was not fired - lol)

(1)
U
Undisclosed #3
Sep 13, 2017
IPVMU Certified

Kudos for matching the font of the original message!

(1)
(2)
Avatar
Rob Kilpatrick
Sep 18, 2017
IPVM • IPVMU Certified

Can you specify what kind of Hikvision camera you are seeing this update button on so we can verify?

UE
Undisclosed End User #1
Sep 19, 2017

DS-2CD2020F-IW

Avatar
Franky Lam
Sep 19, 2017
Zen Foods Group

For honestly here in HONG KONG, people will use Hikvision due to their price, not the quality or security reason.

JH
John Honovich
Sep 19, 2017
IPVM

Franky, in your experience, what are the most common alternatives to Hikvision in Hong Kong?

Avatar
Franky Lam
Sep 20, 2017
Zen Foods Group

What's up, John? It is nice to chatting with you.

Hikivision has a sole distributor in Hong Kong, but since Q4 2016 Hikivision has setting a base office and direct contact to the end-user. From what I hear is they do direct sell to the end-user.

I think this action is broken the relationship between the manufacture and SI. Bad move of them. Other than that, Hong Kong Government Agents have use their product begin 2015, but due to the product quality and cyber security reason. Most of the tender do not seems this product to be the first choice of SI.

I always hear some of the SI said Hikivision is a BIG COMPANY and BIG MARKET SHARE. Of course, cheap low price will bring a short period of time market share. But from my past experience, it won't work out for long.

UM
Undisclosed Manufacturer #4
Sep 20, 2017

I think that it depends on what server the camera is checking against.  Depends on what region the camera is designed for.  If that region has not updated their server, due to laziness or they don't have the updated firmware yet, or they don't care about the update service.

Region locked devices need to have the firmware compiled and released for that specific region, which is an issue when critical cyber security updates are released and you are left waiting....

Also, the update service can be just wrong, due to incorrect configuration files, or unsupported models, or could be hacked to prevent updates from spreading.

(1)
UE
Undisclosed End User #1
Sep 20, 2017

The IPC is almost new, still supported and only hacked by myself.

Anyhow, the update button seems to require Hik-Connect, but have this enabled/disabled gives same result.

I agree it would been great if it working, for the reason you saying.

Anyone else have this button? does it work? what model/region?

 

UE
Undisclosed End User #5
Sep 20, 2017

Are you connected to the internets?

(1)
UE
Undisclosed End User #1
Sep 20, 2017

Does RTTY count as internet? -sarcasm (Yes, of course, and no PNP/Cloud enabled except during tests)

Avatar
Sean Nelson
Sep 20, 2017
Nelly's Security

This is a big gripe of mine as well. This feature has never worked. This would be a great step in ensuring people have the latest firmware for their devices.

(1)
UE
Undisclosed End User #1
Sep 20, 2017

Model / Region? :)

Avatar
Sean Nelson
Sep 20, 2017
Nelly's Security

we sell OEM, and i have never been able to get this to work on any of our models. Cameras or DVR's under any firmware. 

(1)
Avatar
Rob Kilpatrick
Sep 21, 2017
IPVM • IPVMU Certified

Looked into this on a lot of different Hikvision cameras including:

  • DS-2CD2035FWD-I 
  • DS-2CD4526FWD-IZH
  • DS-2CD2355FWD-I
  • DS-2CD2125FWD-I
  • DS-2CD2342WD-I
  • DS-2CD4585WD-I

Also 3 NVR:

  • DS-9632NI-I8
  • DS-7608NI-I2/8P
  • DS-7604NI-I2/4P

The only camera that the update button was available on was the 4585 on the latest US firmware (5.4.5). I downgraded to the next available firmware (to check if I could "update"), but the button to upgrade was gone. Apparently the update button just currently doesn't work.

As someone who frequently has to upgrade firmware on Hikvision cameras, this would be a huge help.

(2)
UM
Undisclosed Manufacturer #6
Sep 21, 2017

Note: I am a Hikvision Employee

This function, thru the P2P servers, is regional. It has not been implemented in North America at this time. I cannot speak for other regions.

There has been inconsistency in which products/firmware versions have the button also.

The message that "you have the latest" is not properly worded. If the server does not have any firmware, it will provide that reply. We have requested that future firmware releases have more specific responses based upon the server firmware availability.

In this case, the message should be "Firmware for this model is not available on the server, please contact your Hikvision Support Representative for further information"

(4)
Avatar
Sean Nelson
Sep 21, 2017
Nelly's Security

awesome. glad to see hik back on ipvm

(1)
(1)
UE
Undisclosed End User #1
Sep 21, 2017

It's seems not to be functional in west/east Europe either, so where it has actually been implemented? Asia?

Anyhow, thanks for openly information, appreciated!

UE
Undisclosed End User #1
Sep 21, 2017

Interesting, I got tcpdump running on my router, see the cam connecting up to "eu-west-1.compute.amazonaws.com" when I enable "Hik Cloud P2P", fine.

Interesting part comes to when I hit the "Update" button, not one single request from the IPC passing the router, isn't that weird you think?

There should be something, anything passing out - cleartext or encrypted, right?

But, there is absolutely _nothing_... huh?

 

UI
Undisclosed Integrator #7
Sep 21, 2017

Sorry to see anyone Hikvison online, the deck is stacked.

(2)
(3)
U
Undisclosed #2
Sep 21, 2017

I almost never vote unhelpful though I admit to using disagree all the time.  Your post was an off-hand slam... and though I like the style, the message falls flat, imo...

anytime we can get a manufacturer who (at least this dude) wants to try and help and explain something that is not well understood, I think that is a good thing - no matter who the manufacturer is. 

(4)
UE
Undisclosed End User #1
Sep 21, 2017

Agree!

(1)
U
Undisclosed #3
Sep 21, 2017
IPVMU Certified

Informative!

(1)
JH
John Honovich
Sep 21, 2017
IPVM

the deck is stacked.

To be clear, to others, #7 is coming from the perspective as a Hikvision supporter, not adversary.

We know enough here that there is a bug in this functionality in some Hikvision models / version. And it is valuable for and to Hikvision to contribute and explain what the issues are and what they plan to do it. I've added that response to the top of the thread for greater clarity.

#7, this is far more productive than people finding problems with Hikvision products and Hikvision simply ignoring it.

(3)
New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions