ADI Hides Dahua Relabeled Capture Camera Critical Vulnerability [Now Issues Notification]

By Ethan Ace and Rob Kilpatrick, Published Oct 08, 2021, 09:12am EDT

ADI's Dahua-relabeled Capture cameras are affected by critical vulnerabilities, IPVM has verified. However, ADI has not notified users nor posted instructions to patch them, and ADI management refused to respond to IPVM.


In this report, we examine the details of these vulnerabilities, a proof of concept showing that the cameras are vulnerable, the responses from ADI management and tech support, and how relabeling impacts cybersecurity.

Update: more than 3 months after Dahua was informed, and a month after Dahua disclosed publicly, ADI has issued a statement copied primarily from Dahua's statement:


ADI ******* ********

******* ** ***'* ****** "house *****" ** ************ equipment, ******** ******* ** 2021, ********** ** ********* Dahua ******* *** ****, detailed ** *** ********* ******** ******** *****.

******* ** *** ********* to***'* *-*** *****, ****** **** ***** offer **** ****, ** well.

Dahua ******** ************** ****** ***************

** ********* ** *** CVEs,*****'* ******** *************** (*** our ******)*** ** *********:

...****** *** ***** *******. Attackers *** ****** ****** identity ************** ** ************ malicious **** *******.

*** *** *************** **** slightly ** *** **** are *********, *** *** conceptually *******.******' ********************* **** *******.

*** **** *** ****** both *************** ** *.*, which ** ******** ******** according ******** ************* ******* ****** (CVSS) ** *******(******-****-***********-****-*****).

ADI ******* ************* ***** ** *******

******, *** ********** *** discovered *** ***** ******** Vulnerabilities, *** ******** * proof-of-concept (************ ** ******) **** ****** ******* devices *** **********.

** *** ******* *****, we *** *** ****** to ******* ** * Capture **-******** ****** ** our *** *******, **** the "*******" ******* ****** indicating **** *** ****** is **********. ** **** case, ***-****-***** ("***********" **** bypass) *** ****, ****** results *** ******* ***** the ******** *************.


*** ******* ****** **** in **** ******* ** running ******** **.***.*******.*.*, ***** Date: ****-**-**.

** ********, ***-********** ******* simply **** "******" **** attempting ** *** *** script, *.*., ** *** running **-**-**** ******** ** this *******.


Low ********** ******** ********

******' ***** ** ******* does *** ******* ******* the *******, *** ***** this ************** ****** ** change ******** ** *** camera, ******/****** *****, ** disable ** ******** ** low ********** *** ******** without *********** ****** *** even ********** ******* ******** developer.

No ************ ** ***************

***'* ******* ************ ** *********** ********* these ****** ***************, *** have ** (** * purchaser ** ******* *******) received *** ************ *** email ** *********. ** asked *** ** ************* were **** ** ********* publicly, *** **** **** not ********* ** *** request *** *******.

ADI **** ******* *******

**** ** ********* *** tech *******, ** ***** we ***** ** **** aware **** ******* ******* were ******** ** ***** vulnerabilities. *******, **** ** asked ** ******* ******** was *********, *** **** replied **** **** "***** it" *** **** **** would ***** *** ****** firmware ** **, ***** we **** *** *** received.

Firmware ******* *** ******

*** **** ******* **** IPVM **** *** "******* on" ******* ******** ******, though *** *** **** a ******** *** ********** this. ** ** **********, the **** ******* *********** available *** ******* ** found ** *** ****** of*** *** ***** ****, ********** ****** ** a ******* **** *** phone ******.

No ******** **** ***

*** ********** *** *** respond ** ******** *** comment. **/**** **** *******, we **** ****** **** report.

Trust *** ********

***** *************** *** *** latest ** * **** of******* *** ** ***** ADI *** ******* ***************, ***** ************ ********** ******* **** banned ********* *****,************ ****** ********* ***** cameras, *** *********"******** **" ** ***** after **** **** ********** for ***** ****** ******.

Relabeling ************* ****

******* *******' ************* *************** illustrate *** ** *** major ***** ** **********. Since ***'* ***** ** not ********* ** ***** Dahua ***************, *** **** to ***** ***** ** much *****, ****** ** less ****** **** **** will ** ********* ** proactively ****** ******** *** notify ***** ** ***** potential ******** *** *****.

*******, ** *** ****** have ********** *****, ********** large ******* ** ********** devices ** ***** ** those **** **** ********* as **** ** *** public, ** *********** ******* have **** **** ** botnet **** *******,******* ********** **** ****** ******** ******* *******.

Comments (11)


*** **** ** ***** engineering, ** ****** ** illegal


** *** **** ********* by ****, *******? * mean, *** ****** **** are ********* **** **** type ** ************* ******** aren't ****** ***-**** ******** from ***, ******. *** the ****** **** ****'* concerned **** **** *** probably *** **** ************ trunk-slammers **** ****'* ******* IPVM, ******, *** ******'* care **** **** ******* said, ** **** *** read **. *** **** is **** ********** **** ADI ** ***** ***. I'm *** *********, *** I **** **** *'* probably ** *** ********. Thanks *** *** *******, though.


***, ***, * *** your *******.

* ** ******* **** ADI *** *** ****** be ****** **** ****.

*** ********* ** ****** the **** ** ********** ** *** ****"**** ** ************ ****** the ******** ******** ** the ****** ****** ** the ******** *** ****** of ****** ****** *******" plus **** *.* *************** that **** **** *** fixed.

*** ***** ** *** think ** *** **** ADI ****** *** ** held *********** *** ****?


** *** ********, * do *** **** ** think ****** ** *** to ******* **** ****** be **** ***********. ** be *****: * ***** ANYONE ********* ****** *** sale ** ********** ** *** ****"**** ** ************ **** to *** ******** ******** of *** ****** ****** or *** ******** *** safety ** ****** ****** persons" ****** ** **** accountable. ******* * ***** highly ** ****, ** not.

** **** *****'* ******** me **** *** *** engaged ** **** **** of ********.


*** ******* * *** **** on ********, ** *** ****** has ******* *********, ****** no, **** *** ****** not *** **. ****....


******, *** *** *** issued * ************, ******* copied **** *****'*:


* ****** *** **** of ** *** ** do **** **** *******.

** *** ** ********** and *** *** *** a ************* **** ****** be ******* ** *** end **** ******* *** OEM's ******** (***, *** example, *** *** ****** who *** *** **), then *** ********** *** a ************** ** *** just ****** **** *** issue *** ********.

**** *** * ******* for ** **** **** were ****** *********. ** bought * ***** ** their *-*** ** ********* which *** **** ********* Hik ***, *** ** you ***** ********* *** firmware *** ****** ***** just ****** ** ****** it *** ************.


* ****** *** **** of ** *** ** do **** **** *******.

** ******** ******* ** that **'* **% ****** to **** ******* *** IPVM, *** ***** *% is ** *** ******** be ****** ** ** PoC - *** ****'* also ** **** ****** for ********* ******* ***.


** ***** *** **** verified ** ******* ****** PoC.

*** ****** *** ***** have ********** ******* *** firmware *** * ** think ** ******* ********* to **** ****** *** speed (****** * ***'* see *** ****** ** why *** *** *** update ******** ****** ***** Dahua ******** ********* **** more **** * ***** ago).


*** ******** ** ***** rebadged *********, * ***** month+ ** *************, *** at ** ********** ******. /S
