Detections
Analytics

Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras Use of Password Hash Instead of Password For Authentication (CVE-2017-7927)

high Tenable OT Security Plugin ID 502799

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH- IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC- HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH- HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI- HCVR58A32S-S2 devices. The use of password hash instead of password for authentication vulnerability was identified, which could allow a malicious user to bypass authentication without obtaining the actual password.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Dahua has released updated firmware to mitigate these vulnerabilities.

Updated software can be obtained from Dahua technical support or an authorized Dahua distributor.

In addition, Dahua released the following security notifications for users:

- Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders (March 6)
- Cybersecurity Statement – March 6, 2017
- Cybersecurity Vulnerability Update – March 8, 2017
- Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders (April 3)

Dahua’s original notification specifies 11 affected models, but after initial testing, Dahua has identified additional series and models in the following security notification:

- Security Notification DHCC-201703-01

See Also

http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php

http://www.securityfocus.com/bid/98312

https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02

Plugin Details

Severity: High

ID: 502799

Version: 1.3

Type: remote

Family: Tenable.ot

Published: 12/4/2024

Updated: 12/5/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-7927

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:dahuasecurity:dh-ipc-hdbw13a0sn_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hfw2xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdw1xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hfw4xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdw2xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdw4xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hfw1xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-

Required KB Items: Tenable.ot/DahuaSecurity

Exploit Ease: No known exploits are available

Patch Publication Date: 5/6/2017

Vulnerability Publication Date: 5/6/2017

Reference Information

CVE: CVE-2017-7927

CWE: 798, 836

ICSA: 17-124-02