Dahua uses cookies and similar technologies on the website. The essential cookies are necessary to operate the website. You can accept or reject non-essential cookies by clicking the “Accept” or “Reject” button. You can change your settings at any time. For details about the cookies, please review our Cookies Statements

DHCC-201707-01:Security Advisory – Denial of Service vulnerability was found in some Dahua IP cameras

2017-07-31

SA ID: DHCC-201707-01


First Published: July 31, 2017


Summary:

Denial of Service vulnerability was found in some Dahua IP Cameras. It could be exploited to trigger null pointer error or buffer overflow, which will result in Denial of Service on devices with this vulnerability.


CVEID: CVE-2017-3223


Affected Products:

The following product models are affected

DH-IPC-A15, DH-IPC-A35, DH-IPC-C15, DH-IPC-C35,DH-IPC-HDBW1120E-W DH-IPC-HDBW1320E-W, DH-IPC-HFW1120S-W, DH-IPC-HFW1320S-W,DH-IPC-K15, DH-IPC-K35, DH-IPC-K15A, DH-IPC-K35A, DH-IPC-HDBW11A0EN-W,DH-IPC-HDBW13A0EN-W, DH-IPC-HFW11A0SN-W, DH-IPC-HFW13A0SN-W


Impact:

It could be exploited to attack devices with this vulnerability


Fixed software release:

Fixed software can be downloaded from Dahua website.

DH_IPC-Consumer-Zi-Themis_Eng_P_V2.400.0000.15.R.20170726

DH_IPC-Consumer-Zi-Themis_EngSpn_N_V2.400.0000.15.R.20170726


Support Resources

Dahua technical team will contact customers to advise and support the upgrade process. For any questions or concerns related to cybersecurity, please contact Dahua at psirt@dahuatech.com