CVE-2025-66176

Name: CVE-2025-66176
Creator: NVD / NIST
Published: 2026-01-13T03:16:01.097+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.8/10EPSS 0.48%

Last modified Jun 17, 2026

CVE-2025-66176 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.. EPSS estimates a 0.48% chance of exploitation in the next 30 days.

Description

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

Metrics

CVSS 3.1

8.8/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.48%

38.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-121

Affected Software

Vendor	Product	Versions
Hikvision	Ds-K1t331 Firmware	< 3.7.80
Hikvision	Ds-K1t341a Firmware	< 3.7.80
Hikvision	Ds-K1t341b Firmware	< 3.7.80
Hikvision	Ds-K1t671 Firmware	< 3.7.80
Hikvision	Ds-K5671 Firmware	< 3.7.80
Hikvision	Ds-K1t672 Firmware	< 3.7.80
Hikvision	Ds-K1t680 Firmware	< 3.7.80
Hikvision	Ds-K1t981 Firmware	< 3.7.80
Hikvision	Ds-K1t341c Firmware	< 3.3.180
Hikvision	Ds-K1t670 Firmware	< 4.48.0
Hikvision	Ds-K1t673 Firmware	< 4.48.0
Hikvision	Ds-K1t8003 Firmware	<= 1.4.21
Hikvision	Ds-K1t804a Firmware	< 1.4.22
Hikvision	Ds-K1t804b Firmware	< 1.4.23
Hikvision	Ds-K1t201a Firmware	< 1.3.65
Hikvision	Ds-K1t105a Firmware	< 1.3.65
Hikvision	Ds-K1t342 Firmware	< 4.48.0
Hikvision	Ds-K1t343 Firmware	< 4.48.0
Hikvision	Ds-K1t344 Firmware	< 4.48.0
Hikvision	Ds-K1t6qt-F72 Firmware	< 4.48.0
Hikvision	Ds-K1t6qt-F43 Firmware	< 4.48.0
Hikvision	Ds-K1t8005 Firmware	< 3.25.40
Hikvision	Ds-K1t808 Firmware	< 3.25.40
Hikvision	Ds-K1t320 Firmware	< 3.9.40
Hikvision	Ds-K1t321 Firmware	< 3.9.40
Hikvision	Ds-K1t323 Firmware	< 4.23.41
Hikvision	Ds-K1t510 Firmware	< 4.23.41
Hikvision	Ds-K5033 Firmware	< 4.37.40

References

Timeline

Published: Jan 13, 2026
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2025-66176?

How severe is CVE-2025-66176?

CVE-2025-66176 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 0.48% probability of exploitation in the next 30 days.

How do I fix CVE-2025-66176?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-66176?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST