Subscriber Discussion

LTS Still Vulnerable?

Undisclosed Integrator #1
Nov 10, 2017

Does anyone know if the LTS firmware is still vulnerable to the Hikvision backdoor? I have recently won some business with a customer who has a few sites still with LTS cameras. The firmware is out of date, which leads me to believe it is vulnerable, but I can't find anything on their website that would say if it is. Contacting them yesterday was absolutely no help; the woman I talked to said I should be on the latest firmware but refused to acknowledge that there was any vulnerability, so there would be nothing to fix. They have no release notes for the latest firmware on any products. Currently my customer is using CMIP7442-M and CMIP7562F-E.

Brian Karas
Nov 10, 2017
IPVM

Do you know what firmware versions they are running?

The easiest thing to do, if you can get access to the same network as the cameras or if they are remotely accessible, would be to just test the image snapshot download:

http://camera.ip/onvif-http/snapshot?auth=YWRtaW46MTEK


LTS lists 5.4.5 as the current firmware for the CMIP7442-M and 5.4.14 for the 7562.

When we did our scans for the Hikvision Backdoor Exploit post, 5.4.0 was the newest firmware found for vulnerable LTS 7442 models, and 5.4.14 for the vulnerable 7562 models (CMIP7562F-E units specifically, but only a few of these).

Given this, I would not trust that the current firmware available for the 7562s is patched, but the 7442s might have patched firmware. Still, I would test them to be sure, and if they have not been upgraded in the last ~2 months, chances are they are vulnerable.

(1)
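
Where proxy or firewall web logs exist for the camera network, the request form quoted in the reply above can also be looked for after the fact. The following is an added example, not part of the original discussion or IPVM's code: it scans access-log lines for requests whose auth query parameter base64-decodes to a user:secret pair. The log layout, the sample lines and the function names are assumptions constructed for illustration.

```python
import base64
import binascii
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in a common access-log layout (not from the page).
# All addresses are from documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Nov/2017:09:14:02 +0000] "GET /onvif-http/snapshot?auth=YWRtaW46MTEK HTTP/1.1" 200 48211
192.0.2.15 - - [10/Nov/2017:09:15:40 +0000] "GET /doc/page/login.asp HTTP/1.1" 200 3120
203.0.113.9 - - [10/Nov/2017:09:17:11 +0000] "GET /onvif-http/snapshot?auth=%%% HTTP/1.1" 401 0
198.51.100.7 - - [10/Nov/2017:09:18:55 +0000] "GET /index.html?auth=bm90LWNyZWRz HTTP/1.1" 404 0
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def decode_auth(value):
    """Return (user, secret) if value is base64 of 'user:secret', else None."""
    try:
        padded = value + "=" * (-len(value) % 4)   # tolerate stripped padding
        text = base64.b64decode(padded, validate=True).decode("ascii").strip()
    except (binascii.Error, UnicodeDecodeError, ValueError):
        return None
    user, sep, secret = text.partition(":")
    return (user, secret) if sep and user else None

def find_auth_param_requests(log_text):
    """Flag requests carrying credentials in an 'auth' query parameter."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        for value in parse_qs(url.query).get("auth", []):
            creds = decode_auth(value)
            if creds is None:
                continue  # parameter present but not a credential pair
            findings.append({
                "src": m["src"],
                "path": url.path,
                "user": creds[0],                       # secret is not recorded
                "served": m["status"].startswith("2"),  # device answered with content
            })
    return findings
```

A finding with served set to True means the device returned content for that request, which is the case to follow up on first.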
Undisclosed Integrator #1
Nov 10, 2017

Hi Brian, they're using:

CMIP7442-M 5.40 build 170207
CMIP7562F-E 5.4.14 build 170320
LTN8708K-P8 3.4.82 build 170504


Brian Karas
Nov 10, 2017
IPVM

Based on what we have seen from our scans, the cameras are vulnerable to the backdoor exploit. That did not affect Hikvision recorder firmware, so your 8 channel recorders would not have that vulnerability.

The recorder may have other vulnerabilities, such as: How To Hack Your Company's Hikvision Recorder.

(1)
Undisclosed Integrator #1
Nov 10, 2017

Thank you very much for the information.
