Hikvision 3 NVR Vulnerabilities April 2024 Analyzed
This report requires an IPVM Research Service subscription. Learn more.
This report requires an IPVM Research Service subscription. Learn more.
HID's Mercury is abruptly EOLing their red boards, with a partner citing "reducing latency and vulnerabilities," but how have red boards been...
This report requires an IPVM Research Service subscription. Learn more.
While MIFARE Classic credentials have been cracked for many, many years, and new devices simplify exploiting such vulnerabilities, Dormakaba has...
Russia hacked video surveillance cameras as part of a massive air attack on Kyiv, according to Ukrainian security services. Several countries...
By Conor Healy - about 1 month ago
How does the Dormakaba "Unsaflok" vulnerability work? In our first report - Dormakaba Discloses Critical Vulnerability, To Rip And Replace Access...
Cracked access control credentials are a rising concern as technologies developed decades ago are still widely sold and used and are increasingly...
By Mert Karakaya, bashis mcw, and Jermaine Wilson - about 1 month ago
This report requires an IPVM Research Service subscription. Learn more.
Senator Marco Rubio (R-FL) is calling on the FCC to investigate PRC-made doorbell cameras after researchers identified serious security flaws,...
By Conor Healy - about 2 months ago
While Evolv marketed "weapons-free zones" with "touchless," "frictionless" screening, claiming unprecedented convenience and security that,...
By Nikita Ermolaev, Conor Healy, and John Honovich - about 2 months ago
While social media posters have exaggerated how harmful Flipper Zero is to cars, some cars are at risk of being stolen, and most cars can still be...
Following the "Major, Mandatory Upgrade," HID now released two high-severity CVEs on malicious configuration cards, and unauthorized encoders. But...
HID's "major, mandatory upgrade" added iClass SE to its list of "legacy credentials [that] can expose a security risk," prompting IPVM and PACS...
Following a series of IPVM reports explaining HID's long-standing unfixed vulnerabilities (see 1, 2, 3), HID has pushed a "major, mandatory...
By John Honovich - 3 months ago
Despite currently being sued by a student stabbed by a weapon not detected by Evolv, Evolv told investors "nothing tragic has happened yet" and...
IPVM has advocated HID deal with downgrade attacks it has known and allowed. Now, in what HID is describing as a "major, mandatory upgrade," HID...
The secret Key Derivation Function (KDF) algorithm in the Saflok RFID system from Dormakaba is cracked, allowing an attacker to calculate the...
This report requires an IPVM Research Service subscription. Learn more.
While HID markets "Signo = Security" and that "security comes first," HID obscures and features critical unfixed vulnerabilities both for low...
This report requires an IPVM Research Service subscription. Learn more.
The main objection to IPVM's downgrade attack report was that it impacted only 125 kHz credentials. A similar vulnerability exists for...
This report requires an IPVM Research Service subscription. Learn more.
This report requires an IPVM Research Service subscription. Learn more.
While Flipper Zero (see test) has become a viral sensation, it does not work out of the box with HID's widely used SE / Seos "highly secure"...
This report requires an IPVM Research Service subscription. Learn more.
Back to Top