Dahua Technology Co., Ltd Digital Video Recorders and IP Cameras Password in Configuration File (CVE-2017-7925)

critical Tenable OT Security Plugin ID 502792

Synopsis

The remote OT asset is affected by a vulnerability.

Description

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The vulnerability could allow a malicious user to assume the identity of a privileged user and gain access to sensitive information.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Dahua has released updated firmware to mitigate these vulnerabilities.

Updated software can be obtained from Dahua technical support or an authorized Dahua distributor.

In addition, Dahua released the following security notifications for users:

- Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders (March 6)
- Cybersecurity Statement – March 6, 2017
- Cybersecurity Vulnerability Update – March 8, 2017
- Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders (April 3)

Dahua’s original notification specifies 11 affected models, but after initial testing, Dahua has identified additional series and models in the following security notification:

- Security Notification DHCC-201703-01

See Also

http://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php

http://www.securityfocus.com/bid/98312

https://ics-cert.us-cert.gov/advisories/ICSA-17-124-02

Plugin Details

Severity: Critical

ID: 502792

Version: 1.3

Type: remote

Family: Tenable.ot

Published: 12/4/2024

Updated: 12/5/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2017-7925

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:dahuasecurity:dh-ipc-hdbw13a0sn_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hfw2xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdw1xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hfw4xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdw2xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdw4xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hfw1xxx_firmware:-, cpe:/o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-

Required KB Items: Tenable.ot/DahuaSecurity

Exploit Ease: No known exploits are available

Patch Publication Date: 5/6/2017

Vulnerability Publication Date: 5/6/2017

Reference Information

CVE: CVE-2017-7925

CWE: 260, 522

ICSA: 17-124-02