ADI Hides Dahua Relabeled Capture Camera Critical Vulnerability [Now Issues Notification]

By Ethan Ace and Rob Kilpatrick, Published Oct 08, 2021, 09:12am EDT

ADI's Dahua-relabeled Capture cameras are affected by a critical vulnerability, IPVM has verified. However, ADI has neither notified users nor posted instructions to patch them, and ADI management refused to respond to IPVM.


In this report, we examine the details of these vulnerabilities, a proof of concept showing the cameras are vulnerable, the response from ADI management and tech support, and how relabeling impacts cybersecurity.

Update: more than 3 months after Dahua was informed, and a month after Dahua disclosed publicly, ADI has issued a statement copied primarily from Dahua's statement.


