Dahua surveillance cameras are used throughout many critical infrastructure sectors such as oil & gas, power grids, telecommunications, etc. These cameras are used to oversee many production processes, providing remote visibility to process engineers. Threat actors, nation-state threat groups in particular, could be interested in hacking IP cameras to help gather intel on the equipment or production processes of the target company. This information could aid in reconnaissance conducted prior to launching a cyberattack. With more knowledge of the target environment, threat actors could craft custom attacks that can physically disrupt production processes in critical infrastructure.
The vendor has published details of four vulnerabilities impacting Dahua IP Camera that can allow attackers to seize control of IP cameras.
Base Score: 5.4
When an attacker obtains the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.
Base Score: 5.9
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user’s login packet.
Base Score: 3.7
If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack and redirect to a malicious page.
Base Score: 6.8
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user’s login packet.The issue affects Dahua’s implementation of the Open Network Video Interface Forum (ONVIF). This vulnerability could be abused by attackers to compromise network cameras by sniffing a previous unencrypted ONVIF interaction and replaying the credentials in a new request towards the camera. Once obtained the credentials, an attacker can add an administrator account and use it to obtain full access to the device and perform actions such as watching live footage
The following versions of Dahua video products, are affected:
- Dahua ASI7XXX: Versions prior to v1.000.0000009.0.R.220620
- Dahua IPC-HDBW2XXX: Versions prior to v2.820.0000000.48.R.220614
- Dahua IPC-HX2XXX: Versions Prior to v2.820.0000000.48.R.220614
The vendor addressed the issue with the release of a patch.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.