CVE-2023-28811: Buffer Overflow Vulnerability in Hikvision NVR/DVR Devices
First published: Thu Nov 23 2023(Updated: )
There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
Credit: hsrc@hikvision.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Hikvision Nvr-216mh-c(d) Firmware | <4.1.60 | |
| Hikvision NVR-216MH-C(D) | ||
| All of | ||
| Hikvision Nvr-216mh-c/16p(d) Firmware | <4.1.60 | |
| Hikvision Nvr-216mh-c/16p(d) | ||
| All of | ||
| Hikvision Nvr-208mh-c/8p(d) Firmware | <4.1.60 | |
| Hikvision NVR-208MH-C/8P(D) | ||
| All of | ||
| Hikvision Nvr-104mh-c/4p(d) Firmware | <4.1.60 | |
| Hikvision NVR-104MH-C/4P(D) | ||
| All of | ||
| Hikvision Nvr-104mh-c(d) Firmware | <4.1.60 | |
| Hikvision Nvr-104mh-c(d) | ||
| All of | ||
| Hikvision Nvr-108mh-c(d) Firmware | <4.1.60 | |
| Hikvision NVR-108MH-C(D) | ||
| All of | ||
| Hikvision Nvr-116mh-c(d) Firmware | <4.1.60 | |
| Hikvision NVR-116MH-C(D) | ||
| All of | ||
| Hikvision DS-7104NI-Q1(C) Firmware | <4.1.60 | |
| Hikvision DS-7104NI-Q1(C) | ||
| All of | ||
| Hikvision DS-7104NI-Q1(D) Firmware | <4.1.60 | |
| Hikvision DS-7104NI-Q1(D) | ||
| All of | ||
| Hikvision DS-7108NI-Q1(C) Firmware | <4.1.60 | |
| Hikvision DS-7108NI-Q1(C) | ||
| All of | ||
| Hikvision DS-7108NI-Q1(D) Firmware | <4.1.60 | |
| Hikvision DS-7108NI-Q1(D) | ||
| All of | ||
| Hikvision Nvr-104mh-d(c) Firmware | <4.1.60 | |
| Hikvision NVR-104MH-D(C) | ||
| All of | ||
| Hikvision Nvr-104mh-d(d) Firmware | <4.1.60 | |
| Hikvision NVR-104MH-D(D) | ||
| All of | ||
| Hikvision Nvr-108h-d(c) Firmware | <4.1.60 | |
| Hikvision Nvr-108h-d(c) | ||
| All of | ||
| Hikvision Nvr-108mh-d(c) Firmware | <4.1.60 | |
| Hikvision Nvr-108mh-d(c) | ||
| All of | ||
| Hikvision Nvr-108mh-d(d) Firmware | <4.1.60 | |
| Hikvision NVR-108MH-D(D) | ||
| All of | ||
| Hikvision Nvr-104mh-d/4p(c) Firmware | <4.1.60 | |
| Hikvision NVR-104MH-D/4P(C) | ||
| All of | ||
| Hikvision Nvr-108h-d/8p(c) Firmware | <4.1.60 | |
| Hikvision Nvr-108h-d/8p(c) | ||
| All of | ||
| Hikvision Nvr-108h-d/8p(d) Firmware | <4.1.60 | |
| Hikvision NVR-108H-D/8P(D) | ||
| All of | ||
| Hikvision Nvr-108mh-d/8p(c) Firmware | <4.1.60 | |
| Hikvision NVR-108MH-D/8P(C) | ||
| All of | ||
| Hikvision Ds-7604ni-q1(c) Firmware | <4.1.60 | |
| Hikvision DS-7604NI-Q1(C) | ||
| All of | ||
| Hikvision DS-7604NI-Q1/4P(C) Firmware | <4.1.60 | |
| Hikvision DS-7604NI-Q1/4P(C) | ||
| All of | ||
| Hikvision DS-7608NI-Q1(C) Firmware | <4.1.60 | |
| Hikvision DS-7608NI-Q1(C) | ||
| All of | ||
| Hikvision DS-7608NI-Q1/8P(C) Firmware | <4.1.60 | |
| Hikvision DS-7608NI-Q1/8P | ||
| All of | ||
| Hikvision DS-7608NI-Q2(C) Firmware | <4.1.60 | |
| Hikvision DS-7608NI-Q2(C) | ||
| All of | ||
| Hikvision DS-7608NI-Q2/8P (C) Firmware | <4.1.60 | |
| Hikvision DS-7608NI-Q2/8P(C) | ||
| All of | ||
| Hikvision DS-7616NI-Q1(C) Firmware | <4.1.60 | |
| Hikvision DS-7616NI-Q1(C) | ||
| All of | ||
| Hikvision DS-7616NI-Q2/16P(C) Firmware | <4.1.60 | |
| Hikvision DS-7616NI-Q2/16P(C) | ||
| All of | ||
| Hikvision DS-7616NI-Q2(C) Firmware | <4.1.60 | |
| Hikvision DS-7616NI-Q2(C) | ||
| All of | ||
| Hikvision Ds-7604ni-k1(c) Firmware | <4.1.60 | |
| Hikvision DS-7604NI-K1(C) | ||
| All of | ||
| Hikvision DS-7604NI-K1/4P/4G(C) Firmware | <4.1.60 | |
| Hikvision DS-7604NI-K1/4P/4G(C) | ||
| All of | ||
| Hikvision DS-7608NI-K1/8P (C) Firmware | <4.1.60 | |
| Hikvision DS-7608NI-K1/8P(C) | ||
| All of | ||
| Hikvision Ds-7608ni-k1/8p/4g(c) Firmware | <4.1.60 | |
| Hikvision DS-7608NI-K1/8P/4G(C) | ||
| All of | ||
| Hikvision DS-7616NI-K1(C) Firmware | <4.1.60 | |
| Hikvision DS-7616NI-K1(C) | ||
| All of | ||
| Hikvision Nvr-208mh-c(c) Firmware | <4.1.60 | |
| Hikvision NVR-208MH-C(C) | ||
| All of | ||
| Hikvision Nvr-104mh-c Firmware | <4.1.60 | |
| Hikvision NVR-104MH-C (C) | ||
| All of | ||
| Hikvision Nvr-108mh-c(c) Firmware | <4.1.60 | |
| Hikvision NVR-108MH-C (C) | ||
| All of | ||
| Hikvision Nvr-108mh-c/8p(c) Firmware | <4.1.60 | |
| Hikvision Nvr-108mh-c/8p(c) | ||
| All of | ||
| Hikvision Nvr-116mh-c (c) Firmware | <4.1.60 | |
| Hikvision NVR-116MH-C (C) | ||
| Hikvision DVR Firmware | <4.1.60 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-28811?
CVE-2023-28811 has a high severity rating due to the potential for a local attacker to exploit the buffer overflow and cause device malfunction.
How do I fix CVE-2023-28811?
To fix CVE-2023-28811, users should update their Hikvision NVR/DVR devices to the latest firmware version above 4.1.60.
What devices are affected by CVE-2023-28811?
CVE-2023-28811 affects various Hikvision NVR/DVR models, specifically those running firmware version 4.1.60 or lower.
Can CVE-2023-28811 be exploited remotely?
CVE-2023-28811 cannot be exploited remotely as it requires the attacker to be on the same local area network (LAN) as the device.
What are the potential impacts of CVE-2023-28811?
Successful exploitation of CVE-2023-28811 can lead to a malfunction of the device, potentially disrupting surveillance operations.
- agent/event
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/references
- agent/description
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/hikvision
- canonical/hikvision nvr-216mh-c(d) firmware
- canonical/hikvision nvr-216mh-c(d)
- canonical/hikvision nvr-216mh-c/16p(d) firmware
- canonical/hikvision nvr-216mh-c/16p(d)
- canonical/hikvision nvr-208mh-c/8p(d) firmware
- canonical/hikvision nvr-208mh-c/8p(d)
- canonical/hikvision nvr-104mh-c/4p(d) firmware
- canonical/hikvision nvr-104mh-c/4p(d)
- canonical/hikvision nvr-104mh-c(d) firmware
- canonical/hikvision nvr-104mh-c(d)
- canonical/hikvision nvr-108mh-c(d) firmware
- canonical/hikvision nvr-108mh-c(d)
- canonical/hikvision nvr-116mh-c(d) firmware
- canonical/hikvision nvr-116mh-c(d)
- canonical/hikvision ds-7104ni-q1(c) firmware
- canonical/hikvision ds-7104ni-q1(c)
- canonical/hikvision ds-7104ni-q1(d) firmware
- canonical/hikvision ds-7104ni-q1(d)
- canonical/hikvision ds-7108ni-q1(c) firmware
- canonical/hikvision ds-7108ni-q1(c)
- canonical/hikvision ds-7108ni-q1(d) firmware
- canonical/hikvision ds-7108ni-q1(d)
- canonical/hikvision nvr-104mh-d(c) firmware
- canonical/hikvision nvr-104mh-d(c)
- canonical/hikvision nvr-104mh-d(d) firmware
- canonical/hikvision nvr-104mh-d(d)
- canonical/hikvision nvr-108h-d(c) firmware
- canonical/hikvision nvr-108h-d(c)
- canonical/hikvision nvr-108mh-d(c) firmware
- canonical/hikvision nvr-108mh-d(c)
- canonical/hikvision nvr-108mh-d(d) firmware
- canonical/hikvision nvr-108mh-d(d)
- canonical/hikvision nvr-104mh-d/4p(c) firmware
- canonical/hikvision nvr-104mh-d/4p(c)
- canonical/hikvision nvr-108h-d/8p(c) firmware
- canonical/hikvision nvr-108h-d/8p(c)
- canonical/hikvision nvr-108h-d/8p(d) firmware
- canonical/hikvision nvr-108h-d/8p(d)
- canonical/hikvision nvr-108mh-d/8p(c) firmware
- canonical/hikvision nvr-108mh-d/8p(c)
- canonical/hikvision ds-7604ni-q1(c) firmware
- canonical/hikvision ds-7604ni-q1(c)
- canonical/hikvision ds-7604ni-q1/4p(c) firmware
- canonical/hikvision ds-7604ni-q1/4p(c)
- canonical/hikvision ds-7608ni-q1(c) firmware
- canonical/hikvision ds-7608ni-q1(c)
- canonical/hikvision ds-7608ni-q1/8p(c) firmware
- canonical/hikvision ds-7608ni-q1/8p
- canonical/hikvision ds-7608ni-q2(c) firmware
- canonical/hikvision ds-7608ni-q2(c)
- canonical/hikvision ds-7608ni-q2/8p (c) firmware
- canonical/hikvision ds-7608ni-q2/8p(c)
- canonical/hikvision ds-7616ni-q1(c) firmware
- canonical/hikvision ds-7616ni-q1(c)
- canonical/hikvision ds-7616ni-q2/16p(c) firmware
- canonical/hikvision ds-7616ni-q2/16p(c)
- canonical/hikvision ds-7616ni-q2(c) firmware
- canonical/hikvision ds-7616ni-q2(c)
- canonical/hikvision ds-7604ni-k1(c) firmware
- canonical/hikvision ds-7604ni-k1(c)
- canonical/hikvision ds-7604ni-k1/4p/4g(c) firmware
- canonical/hikvision ds-7604ni-k1/4p/4g(c)
- canonical/hikvision ds-7608ni-k1/8p (c) firmware
- canonical/hikvision ds-7608ni-k1/8p(c)
- canonical/hikvision ds-7608ni-k1/8p/4g(c) firmware
- canonical/hikvision ds-7608ni-k1/8p/4g(c)
- canonical/hikvision ds-7616ni-k1(c) firmware
- canonical/hikvision ds-7616ni-k1(c)
- canonical/hikvision nvr-208mh-c(c) firmware
- canonical/hikvision nvr-208mh-c(c)
- canonical/hikvision nvr-104mh-c firmware
- canonical/hikvision nvr-104mh-c (c)
- canonical/hikvision nvr-108mh-c(c) firmware
- canonical/hikvision nvr-108mh-c (c)
- canonical/hikvision nvr-108mh-c/8p(c) firmware
- canonical/hikvision nvr-108mh-c/8p(c)
- canonical/hikvision nvr-116mh-c (c) firmware
- canonical/hikvision nvr-116mh-c (c)
- canonical/hikvision dvr firmware