CVE-2022-30564
MEDIUMCVSS 5.3/10EPSS 0.44%
Last modified
CVE-2022-30564 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.. EPSS estimates a 0.44% chance of exploitation in the next 30 days.
Description
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dahuasecurity | Ipc-Hf71242f-Z-X Firmware | < 2.800.0000000.4.r.210708 |
| Dahuasecurity | Ipc-Hf7442f-Z-X Firmware | < 2.800.0000000.4.r.210708 |
| Dahuasecurity | Ipc-Hf7842f-Z-X Firmware | < 2.800.0000000.4.r.210708 |
| Dahuasecurity | Ipc-Hf5241f-Ze Firmware | < 2.840.0000000.18.r.220629 |
| Dahuasecurity | Ipc-Hf5442f-Ze Firmware | < 2.840.0000000.18.r.220629 |
| Dahuasecurity | Ipc-Hf5541f-Ze Firmware | < 2.840.0000000.18.r.220629 |
| Dahuasecurity | Ipc-Hf5842f-Ze Firmware | < 2.840.0000000.18.r.220629 |
| Dahuasecurity | Sd5a225gb-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a225gb-Hnr-Sl Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a225xa-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a225xa-Hnr-Sl Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a232gb-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a232xb-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a232xb-Hnr-Ac Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a232xb-Hnr-P Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a245gb-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a245xa-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a425ga-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a425xa-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a432gb-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a445gb-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a445xa-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a445xa-Hnr-1t Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a825-Hnr-Ya Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd5a825ga-Hnr Firmware | < 2.812.0000032.2.r.220804 |
| Dahuasecurity | Sd22204-Gc-Lb Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22204db-Gny Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22204db-Gny-W Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22204t-Gn-S2 Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22204ue-Gn Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22204ue-Gn-W Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22404t-Gn Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd22404t-Gn-W Firmware | < 2.813.0000017.0.r.220928 |
| Dahuasecurity | Sd59131i-Hc\(-S3\) Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59225-Hc-La Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59225i-Hc\(-S3\) Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59225u-Hni Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59230i-Hc\(-S3\) Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59232-Hc-La Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59232xa-Hnr Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59430i-Hc Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Sd59432xa-Hnr Firmware | < 2.812.0000017.0.r.220928 |
| Dahuasecurity | Nvr4216-I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4416-16p-4ks2\/I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4416-4ks2\/I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4432-16p-4ks2\/I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4432-4ks2\/I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4432-I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4816-16p-4ks2\/I Firmware | < 4.002.0000000.3.r.221122 |
| Dahuasecurity | Nvr4816-4ks2\/I Firmware | < 4.002.0000000.3.r.221122 |
Showing 50 of 97 affected configurations. See NVD for the full list.
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2022-30564?
Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
How severe is CVE-2022-30564?
CVE-2022-30564 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.44% probability of exploitation in the next 30 days.
How do I fix CVE-2022-30564?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2022-30564?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST