Vulnerabilities found in EZVIZ smart cameras that threaten to intercept control
During the study of the level of security of IoT devices, Bitdefender experts discovered vulnerabilities in EZVIZ IP cameras, which together allow access to video, download images and decrypt them. The manufacturer (Hikvision) began handing out life-saving updates to affected models in June.
According to the information security company’s alert, the critical vulnerability CVE-2022-2471 in the motion recorder (9.9 CVSS points, according to analysts) is associated with a buffer overflow error on the stack and allows remote execution of any code. Another problem is characterized as unsafe direct references to objects and threatening to take control of the camera; A dangerous defect has been identified in many API endpoints.
Another bug that can be exploited remotely allows you to steal a crypto key due to the weak protection of stored passwords. The exploitation of the fourth vulnerability CVE-2022-2472 (incorrect initialization method, 7.6 points) requires local access to the device; if successful, the attacker will be able to get the admin password and, as a result, full control over the IP camera.
The listed vulnerabilities were found in firmware V5.3.0 build 201719 (earlier versions have not been tested, but may also be problematic). List of affected devices based on the results of the scan:
CS-CV248 [20XXXXX72] with firmware V5.2.1 build 180403; CS-C6N-A0-1C2WFR [E1XXXXX79] – V5.3.0 build 201719; CS-DB1C-A0-1E2W2FR [F1XXXXX52] – V5.3.0 build 211208; CS-C6N-B0-1G2WF [G0XXXXX66] – v5.3.0 build 210731; CS-C3W-A0-3H4WFRL [F4XXXXX93] – V5.3.5 build 22012.
About five years