CVE-2017-7921 - Hikvision Multiple Products Improper Authentication Vulnerability

Vulnerability Name

Hikvision Multiple Products Improper Authentication Vulnerability

Description

Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.hikvision.com/us-en/support/document-center/special-notices/privilege-escalating-vulnerability-in-certain-hikvision-ip-cameras/

https://nvd.nist.gov/vuln/detail/CVE-2017-7921

Related News Articles

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor BackdoorMarch 6, 2026

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV CatalogMarch 6, 2026