A Chinese Company “Dahua” has made the headlines. A severe vulnerability in Dahua IP Camera was letting the attackers take control over the devices has got patches. “Dahua” is not a small brand. In the industry of security, it’s a well-known entity. Let’s see what are the chances that it stood upon and dealt with the cases.
When researchers search for vulnerabilities in software or other things online, they found out about these vulnerabilities as well. First, they were not amazed by this because they thought this came out of mere complications in making decisions under software management. However, this reached Dahua.
As soon as the report was made to the Dahua, the patches got ready for a better experience.
Report Claim Vulnerabilities Follows
Nozomi Networks Labs
Researchers found a serious security loophole in some Dahua IP Cameras. “Dahua” a China-based company tech firm, offers video surveillance gadgets. Some of their security devices are as follows:
- Network Recorders
- Network Cameras
- Fire Alarms
This company has made its name in several industries and countries involving the USA.
It affected the Cameras that were having Open Network Video Interface Forum. During the observation of Bug, it was shown that IPC-HDBW 2231-S-S2 Camera was having loopholes in it. It was messing up with fingerprinting details. They used a technique in which they tried to add up an unauthenticated admin account while applying for a CreateUsers request.
The most surprising thing was that the device allowed adding the extra admin account. Now, there was no doubt that the loophole in the WS-Username Token authentication mechanism was not abrupt but the real deal.
Results were clear, that if this kind of attack were done by an attacker it could’ve given control of the targeted device to the attacker. This attack just needed a simple sniffing of one unencrypted ONVIF request approved with the WS-Username Token schema.
Bugs like these can put anyone’s data at high risk. The cause for this could be due to the presence of the WS-Username Token, and most of the Dahua Devices’ unencrypted HTTP data exposures.
Dispatched patches for Bug – Great News!
Dahua did a great job! Just after listening to the report, it solved the issues with patches made for them.
Dahua‘s advice to the customers is to upgrade their devices:
Vulnerability code – CVE-2022-30563 got a CVSS base rating of 6.8. They tagged:
“Once an attacker uses man-in-the-middle attacks to sniff the request packets, he’ll be succeeding in logging via ONVIF. Moreover, he would be able to log in to the device by exchanging the user’s login packet”.
Plus, three other vulnerabilities that were less severe in harming devices got checked and fixed in time:
- Dahua ASI7XXX: Versions prior to v1.000.0000009.0.R.220620
- Dahua IPC-HDBW2XXX: Versions prior to v2.820.0000000.48.R.220614
- Dahua IPC-HX2XXX: Versions Prior to v2.820.0000000.48.R.220614
Thus, the vulnerabilities got their patches so well. CISA advises users to update their devices ASAP to be safe. What do you think? Put it in the comments!
Kindly read more articles :