SA ID: DHCC-201703-01

First Published: March 17, 2017

Summary:

System security vulnerability was found in some Dahua IP devices. It could be exploited to attack devices with this vulnerability.

CVE ID: CVE-2017-7253

Affected Products:

Part of the following product series and models are affected

DH-IPC-HFW1XXX, DH-IPC-HDW1XXX, DH-IPC-HFW2XXX, DH-IPC-HDW2XXX

DH-IPC-HFW4XXX, DH-IPC-HDW4XXX, DH-SD6CXX, DH-NVR1XXX,

DH-HCVR4XXX, DH-HCVR5XXX, DH-IPC-HDBW23A0RN-ZS,

DH-IPC-HDBW13A0SN, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, DHI-HCVR58A32S-S2

Impact:

It could be exploited to attack devices with this vulnerability

Fixed software release:

Fixed software can be obtained from Dahua technical support and authorized Dahua distributor

Support Recources

Dahua technical team will contact customers to advise and support the upgrade process. For any questions or concerns related to cybersecurity, please contact Dahua at psirt@dahuatech.com