CVE-2025-66176
8.8
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hikvision | DS-K1T331 | Versions below V3.7.80 | affected |
| Hikvision | DS-K1T341A/K1T341B | Versions below V3.7.80 | affected |
| Hikvision | DS-K1T671/K5671 | Versions below V3.7.80 | affected |
| Hikvision | DS-K1T672 | Versions below V3.7.80 | affected |
| Hikvision | DS-K1T680 | Versions below V3.7.80 | affected |
| Hikvision | DS-K1T981 | Versions below V3.7.80 | affected |
| Hikvision | DS-K1T341C | Versions below V3.3.180 | affected |
| Hikvision | DS-K1T670/K1T673 | Versions below V4.48.0 | affected |
| Hikvision | DS-K1T8003 | Versions below V1.4.21 | affected |
| Hikvision | DS-K1T804A | Versions below V1.4.22 | affected |
| Hikvision | DS-K1T8003/8004 | Versions below V1.4.21 | affected |
| Hikvision | DS-K1T804A | Versions below V1.4.22 | affected |
| Hikvision | DS-K1T804B | Versions below V1.4.23 | affected |
| Hikvision | DS-K1T201A/K1T105A | Versions below V1.3.65 | affected |
| Hikvision | DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43 | Versions below V4.48.0 | affected |
| Hikvision | DS-K1T8005/DS-K1T808 | Versions below V3.25.40 | affected |
| Hikvision | DS-K1T320/DS-K1T321 | Versions below V3.9.40 | affected |
| Hikvision | DS-K1T323/DS-K1T510 | Versions below V4.23.41 | affected |
| Hikvision | DS-K5033 | Versions below V4.37.40 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.