
Details have been shared about a security vulnerability in Dahua’s Open Network Video Interface Forum (ONVIF) standard implementation, which, when exploited, can lead to seizing control of IP cameras.

Tracked as CVE-2022-30563 (CVSS score: 7.4), the “vulnerability could be abused by attackers to compromise network cameras by sniffing a previous unencrypted ONVIF interaction and replaying the credentials in a new request towards the camera,” Nozomi Networks said in a Thursday report.

The issue, which was addressed in a patch released on June 28, 2022, impacts the following products:

  • Dahua ASI7XXX: Versions prior to v1.000.0000009.0.R.220620
  • Dahua IPC-HDBW2XXX: Versions prior to v2.820.0000000.48.R.220614
  • Dahua IPC-HX2XXX: Versions prior to v2.820.0000000.48.R.220614

ONVIF governs the development and use of an open standard for how IP-based physical security products such as video surveillance cameras and access control systems can communicate with one another in a vendor-agnostic manner.

The bug identified by Nozomi Networks resides in what’s called the “WS-UsernameToken” authentication mechanism implemented in certain IP cameras developed by Chinese firm Dahua, allowing attackers to compromise the cameras by replaying the credentials.
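The checks that make a sniffed WS-UsernameToken useless on replay, as an added example that is not Dahua's firmware code or code from the Nozomi Networks report. The digest formula is the one from the OASIS UsernameToken profile; the class name, the 60-second freshness window and the sample credentials are assumptions.

```python
import base64
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(seconds=60)  # assumed freshness window, tune per deployment


def make_token(username, password, nonce, created):
    """Build the token fields a client sends (used here for constructed samples)."""
    digest = hashlib.sha1(nonce + created.encode() + password.encode()).digest()
    return (username, base64.b64encode(nonce).decode(), created,
            base64.b64encode(digest).decode())


class UsernameTokenVerifier:
    """Checks PasswordDigest, then rejects stale or already-seen tokens."""

    def __init__(self, passwords):
        self.passwords = passwords  # username -> password (constructed store)
        self.seen = {}              # (username, nonce) -> Created timestamp

    def verify(self, username, nonce_b64, created, digest_b64, now=None):
        now = now or datetime.now(timezone.utc)
        password = self.passwords.get(username)
        if password is None:
            return "unknown-user"
        try:
            nonce = base64.b64decode(nonce_b64, validate=True)
            created_at = datetime.strptime(
                created, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        except ValueError:
            return "malformed"
        # PasswordDigest = Base64(SHA-1(nonce + created + password))
        expected = base64.b64encode(
            hashlib.sha1(nonce + created.encode() + password.encode()).digest())
        if not hmac.compare_digest(expected, digest_b64.encode()):
            return "bad-digest"
        # A valid digest alone proves nothing about freshness: bound its age.
        if abs(now - created_at) > MAX_AGE:
            return "stale"
        # Within the window, each (user, nonce) pair is accepted exactly once.
        self.seen = {k: t for k, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        if (username, nonce) in self.seen:
            return "replay"
        self.seen[(username, nonce)] = created_at
        return "ok"
```

The nonce cache only has to remember tokens for as long as the freshness window accepts them, and none of this protects the rest of the session, which still needs TLS.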
