Webcams and similar devices may not appear to be a security risk, but attackers can manipulate unpatched systems to gain unauthorized access to the network. Owners of these surveillance cameras should promptly update to the most current firmware release.

Over 80,000 Hikvision Cameras Remain Unpatched and Vulnerable to Attack | PCMag

Tens of thousands of Hikvision cameras are vulnerable to attack despite a firmware update being released to close the security hole last year. As Bleeping Computer reports, the vulnerability relates to a flaw known as CVE-2021-36260. It’s described as a “command injection vulnerability” that allows an attacker to “launch a command injection attack by sending some messages with malicious commands,” and it was made possible due to insufficient input validation.

In a recent report (PDF), cybersecurity company Cyfirma identified over 80,000 Hikvision cameras remained unpatched and therefore susceptible to being exploited to gain network access. So far, two known exploits are being used against the cameras, which were taken advantage of in December last year to help spread the Moobot botnet. Access to networks is also being sold on Russian-speaking hacking forums, with the access made possible due to those networks having unpatched Hikvision cameras connected to them.

According to The Register, the security flaw is present on more than 70 different models of Hikvision’s cameras. They have been purchased and used by over 2,300 organizations spread across more than 100 countries. Cyfirma’s analysis revealed the largest number of unpatched cameras are located in China (12,690) and the US (10,611). The other countries in the top 10 include Vietnam, the UK, Ukraine, Thailand, South Africa, France, the Netherlands, and Romania.