I normally don’t post any of the daily cybersecurity alerts that post my desk. If I did, I would quickly fill up my 4TB local storage! But this is significant enough to warrant attention.

Hikvision is a highly popular camera manufacturer that is found around the world, with the USA having the second largest implementation–often as security video cameras. A severe security vulnerability was found last year, but it was reported 20220823 that over 80,000 of these units have not yet had their software updated.

Without the software security patch, these cameras are easily accessible by governments, criminals, and your everyday troublemaker.

To quote from the original source material:

Last year, Hikvision resigned from the Security Industry Association (SIA), the largest trade organization for surveillance vendors, after being accused of working with the Chinese Army on research to improve the ‘lethality’ of missiles.

Due to the one-two punch of the gaping and continuing vulnerability, and that Hikvision has resigned from the SIA, we can not recommend their use. We do recommend that should you have a Hikvision video camera in use, replace it ASAP.

Original source material: https://therecord.media/experts-warn-of-widespread-exploitation-involving-hikvision-cameras/