CVE-2017-14953
Last modified
CVE-2017-14953 is a vulnerability of currently unknown severity. HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an increase to the attack surface of the product. EPSS estimates a 0.49% chance of exploitation in the next 30 days.
Description
HikVision Wi-Fi IP cameras, when used in a wired configuration, allow physically proximate attackers to trigger association with an arbitrary access point by leveraging a default SSID with no WiFi encryption or authentication. NOTE: Vendor states that this is not a vulnerability, but more an increase to the attack surface of the product
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Hikvision | Ds-2cd2432f-Iw Firmware | < 5.4.5 |
References
- http://packetstormsecurity.com/files/145131/HikVision-Wi-Fi-IP-Camera-Wireless-Access-Point-State.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2017/Nov/43Mailing List, Third Party Advisory
- http://packetstormsecurity.com/files/145131/HikVision-Wi-Fi-IP-Camera-Wireless-Access-Point-State.htmlThird Party Advisory, VDB Entry
- http://seclists.org/fulldisclosure/2017/Nov/43Mailing List, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-14953?
How severe is CVE-2017-14953?
How do I fix CVE-2017-14953?
Are you affected by CVE-2017-14953?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST