
Security Advisory - Access control vulnerability found in some Dahua products


SA ID: DHCC-SA-202201-001

First Published: 2022-01-12


Summary:

Some Dahua products have an access control vulnerability in the password reset process. Attackers can exploit this vulnerability through specific deployments to reset device passwords.

Common Vulnerabilities and Exposures (CVE ID):

CVE-2021-33046


Vulnerability Score

The vulnerability classification has been performed by using the CVSSv3 scoring system (http://www.first.org/cvss/specification-document).

Base Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Temporal Score: 7.3 (E:P/RL:O/RC:C)

Affected Products & Fix Software:

The following product series and models are currently known to be affected:

| Affected Model | Affected Version | Fix Software |
|---|---|---|
| IPC-HX1XXX, HX2XXX, HX3XXX, HX5(4)(3)XXX, HX5XXX, HUM7XXX, HFW7XXX, HX8XXX | Versions with build time between 2017/7 ~ 2021/7 | DH_IPC-HX1XXX-Molec_MultiLang_PN_V2.820.0000000.33.R.210705.zip |
| | | DH_IPC-HX1XXX-Molec_MultiLang_NP_V2.820.0000000.33.R.210705.zip |
| | | DH_IPC-HX2XXX-Molec_MultiLang_PN_V2.820.0000000.33.R.210705.zip |
| | | DH_IPC-HX2XXX-Molec_MultiLang_NP_V2.820.0000000.33.R.210705.zip |
| | | DH_IPC-HX3XXX-Leo_MultiLang_PN_Stream3_V2.800.0000000.29.R.210630.zip |
| | | DH_IPC-HX3XXX-Leo_MultiLang_NP_Stream3_V2.800.0000000.29.R.210630.zip |
| | | DH_IPC-HX3XXX-Dalton_MultiLang_NP_Stream3_V2.820.0000000.18.R.210705.zip |
| | | DH_IPC-HX3XXX-Dalton_MultiLang_PN_Stream3_V2.820.0000000.18.R.210705.zip |
| | | DH_IPC-HX5(4)(3)XXX-Leo_MultiLang_PN_Stream3_V2.800.0000000.29.R.210630.zip |
| | | DH_IPC-HX5(4)(3)XXX-Leo_MultiLang_NP_Stream3_V2.800.0000000.29.R.210630.zip |
| | | DH_IPC-HX5XXX-Volt_MultiLang_PN_Stream3_V2.820.0000000.5.R.210705.zip |
| | | DH_IPC-HX5XXX-Volt_MultiLang_NP_Stream3_V2.820.0000000.5.R.210705.zip |
| | | DH_IPC-HUM7XXX-E2-Volt_MultiLang_NP_V2.820.0000000.5.R.210705.zip |
| | | DH_IPC-HUM7XXX-E2-Volt_MultiLang_PN_V2.820.0000000.5.R.210705.zip |
| | | DH_IPC-HFW7XXX-E3-Fafnir_MultiLang_PN_Stream4_V2.800.0000000.4.R.210708.zip |
| | | DH_IPC-HFW7XXX-E3-Fafnir_MultiLang_NP_Stream4_V2.800.0000000.4.R.210708.zip |
| | | DH_IPC-HX8XXX-Nobel_MultiLang_PN_V3.000.0000000.2.R.210712.zip |
| | | DH_IPC-HX8XXX-Nobel_MultiLang_NP_V3.000.0000000.2.R.210712.zip |
| | | DH_IPC-HX8XXX-Nobel_MultiLang_NP_Stream3_V2.800.0000000.14.R.210720.zip |
| | | DH_IPC-HX8XXX-Nobel_MultiLang_PN_Stream3_V2.800.0000000.14.R.210720.zip |
| | | DH_IPC-HX8XXX-Nobel_MultiLang_PN_V2.800.0000000.14.R.210712.zip |
| | | DH_IPC-HX8XXX-Nobel_MultiLang_NP_V2.800.0000000.14.R.210712.zip |
| PTZ: SD1A1, SD22, SD49, SD50, SD52C, SD6AL | | DH_SD-Eos-Civil_MultiLang_NP_Stream3_V2.813.0000003.0.R.210817.zip |
| | | DH_SD-Eos-Civil_MultiLang_PN_Stream3_V2.813.0000003.0.R.210817.zip |
| | | DH_SD-Eos_MultiLang_PN_Stream3_V2.812.0000007.0.R.210706.zip |
| | | DH_SD-Eos_MultiLang_NP_Stream3_V2.812.0000007.0.R.210706.zip |
| Thermal: TPC-BF1241, TPC-BF2221, TPC-SD2221, TPC-BF5X01, TPC-SD8X21, TPC-PT8X21X | | DH_TPC-BF1241-TB_MultiLang_NP_V2.630.0000000.6.R.210707.zip |
| | | DH_TPC-BF1241-TB_MultiLang_PN_V2.630.0000000.6.R.210707.zip |
| | | DH_TPC-BF2221-TB_MultiLang_PN_V2.630.0000000.10.R.210707.zip |
| | | DH_TPC-BF2221-TB_MultiLang_NP_V2.630.0000000.10.R.210707.zip |
| | | DH_TPC-SD2221-TB_MultiLang_PN_V2.630.0000000.7.R.210707.zip |
| | | DH_TPC-SD2221-TB_MultiLang_NP_V2.630.0000000.7.R.210707.zip |
| | | DH_TPC-BF5X01-TB_MultiLang_PN_V2.630.0000000.12.R.210707.zip |
| | | DH_TPC-BF5X01-TB_MultiLang_NP_V2.630.0000000.12.R.210707.zip |
| | | DH_TPC-SD8X21-TB_MultiLang_PN_V2.630.0000000.9.R.210706.zip |
| | | DH_TPC-SD8X21-TB_MultiLang_NP_V2.630.0000000.9.R.210706.zip |
| | | DH_TPC-PT8X21A-TB_MultiLang_PN_V2.630.0000000.14.R.210630.zip |
| | | DH_TPC-PT8X21A-TB_MultiLang_NP_V2.630.0000000.14.R.210630.zip |
| | | DH_TPC-PT8X21B-B_MultiLang_PN_V2.630.0000000.10.R.210701.zip |
| | | DH_TPC-PT8X21B-B_MultiLang_NP_V2.630.0000000.10.R.210701.zip |
| VTOX20XF, ASC2204C | | DH_VTOX20XF_MultiLang_PN_SIP_V4.500.0000001.0.R.210713.zip |
| | | DH_ASC2204C_Eng_V1.001.0000001.0.R.20210728.zip |
| NVR1XXX, NVR2XXX, NVR4XXX, NVR5XXX, NVR6XX | Versions with build time between 2017/1 ~ 2021/7 | DH_NVR1XXX-S3H_MultiLang_V4.001.0000005.1.R.210709.zip |
| | | DH_NVR1XHC-S3_MultiLang_V4.001.0000000.1.R.210710.zip |
| | | DH_NVR2XXX-I_Mul_V4.001.0000000.1.R.210710.zip |
| | | DH_NVR2XXX-4KS2_MultiLang_V4.001.0000005.0.R.210709.zip |
| | | DH_NVR2XXX-I2_Mul_V4.002.0000000.0.R.210709.zip |
| | | DH_NVR2XXX-W-4KS2_MultiLang_V4.001.0000003.1.R.210709.zip |
| | | DH_NVR4XXX-I_MultiLang_V4.001.0000000.3.R.210710.zip |
| | | DH_NVR4XXX-4KS2_MultiLang_V4.001.0000005.1.R.210713.zip |
| | | DH_NVR4x-4KS2L_MultiLang_V4.001.0000001.0.R.210709.zip |
| | | DH_NVR5XXX-I_MultiLang_V4.001.0000000.3.R.210710.zip |
| | | DH_NVR5XXX-IL_MultiLang_V4.001.0000000.0.R.210710.zip |
| | | DH_NVR5XXX-4KS2_MultiLang_V4.001.0000006.1.R.210709.zip |
| | | DH_NVR6XX-4KS2_MultiLang_V4.001.0000001.1.R.210716.BIN |
| XVR4XXX, XVR5XXX, XVR7XXX | | DH_XVR4x08-I3_MultiLang_V4.001.0000000.15.R.210702.zip |
| | | DH_XVR4x04-X1(2.0)_MultiLang_V4.001.0000000.14.R.210709.zip |
| | | DH_XVR4x04-I_MultiLang_V4.001.0000001.1.R.210709.zip |
| | | DH_XVR4x08-I_MultiLang_V4.001.0000001.1.R.210709.zip |
| | | DH_XVR4x04-I_MultiLang_V4.001.0000001.2.R.210710.zip |
| | | DH_XVR4x08-I_MultiLang_V4.001.0000001.2.R.210710.zip |
| | | DH_XVR4x08-I_MultiLang_V4.001.0000001.3.R.210710.zip |
| | | DH_XVR4x04-I_MultiLang_V4.001.0000001.3.R.210710.zip |
| | | DH_XVR5x16-I2_MultiLang_V4.001.0000003.1.R.210710.zip |
| | | DH_XVR5x04-I2_MultiLang_V4.001.0000003.1.R.210710.zip |
| | | DH_XVR5x08-I2_MultiLang_V4.001.0000003.1.R.210710.zip |
| | | DH_XVR5x04-I3_MultiLang_V4.001.0000000.15.R.210702.zip |
| | | DH_XVR5x08-I3_MultiLang_V4.001.0000000.15.R.210702.zip |
| | | DH_XVR5x04-X1(2.0)_MultiLang_V4.001.0000000.14.R.210709.zip |
| | | DH_XVR5x08-X_MultiLang_V4.001.0000000.9.R.210710.zip |
| | | DH_XVR5x16-X_MultiLang_V4.001.0000000.9.R.210710.zip |
| | | DH_XVR5x04-S2(2.0)_EngSpnFrn_NP_V3.218.0000002.7.R.210707.zip |
| | | DH_XVR5x04-S2(2.0)_Eng_P_V3.218.0000002.7.R.210707.zip |
| | | DH_XVR7x32-I2_MultiLang_V4.001.0000003.1.R.210710.zip |
| | | DH_XVR7x16-I2_MultiLang_V4.001.0000003.1.R.210710.zip |
| | | DH_XVR7x16-X_MultiLang_V4.001.0000000.9.R.210710.zip |
| HCVR7XXX, HCVR8XXX | | DH_HCVR7x16-S3_Eng_P_V3.218.0000002.5.R.210713.zip |
| | | DH_HCVR8xxx_Eng_P_V3.218.0000000.3.R.210903.zip |
| | | DH_HCVR8xxx_EngSpnFrn_NP_V3.218.0000000.3.R.210903.zip |

Note: Please log in to the web interface of the device to view the build time, which is shown on the Settings-System Information-Version Information page (setting-systeminfo-version).
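The build-time check described in the note above can be scripted for a device inventory. The following is an added example, not Dahua code: it assumes the trailing `R.<digits>` field of a fix-software name is that package's build date, that each device runs the same firmware line as the fix package it is compared against, and it uses a constructed inventory.

```python
import re
from datetime import date

# Assumption: the trailing "R.<digits>" field in a fix-software name is its build
# date, written YYMMDD (YYYYMMDD in the ASC2204C package name).
FIX_NAME = re.compile(
    r"^DH_(?P<model>.+?)_.*V(?P<version>\d+(?:\.\d+)+)"
    r"\.R\.(?P<stamp>\d{6}|\d{8})\.(?:zip|BIN)$"
)

def parse_fix_name(name):
    """Split a fix-software file name into (model, version, build date)."""
    m = FIX_NAME.match(name)
    if m is None:
        raise ValueError(f"unrecognised fix-software name: {name!r}")
    stamp = m["stamp"] if len(m["stamp"]) == 8 else "20" + m["stamp"]
    return m["model"], m["version"], date(int(stamp[:4]), int(stamp[4:6]), int(stamp[6:]))

def triage(build, window, fix_name):
    """Classify a device build date against the advisory window and fix build.

    window is ((year, month), (year, month)), inclusive, as the advisory gives it.
    The fix check runs first because the fix builds are themselves dated inside
    (or just after) the affected window, so the window alone would flag them.
    """
    _, _, fix_build = parse_fix_name(fix_name)
    if build >= fix_build:
        return "fix-or-newer"
    start, end = window
    if start <= (build.year, build.month) <= end:
        return "affected"
    return "outside-window"

IPC_WINDOW = ((2017, 7), (2021, 7))   # from the advisory's IPC row
NVR_WINDOW = ((2017, 1), (2021, 7))   # from the advisory's NVR row
IPC_FIX = "DH_IPC-HX1XXX-Molec_MultiLang_PN_V2.820.0000000.33.R.210705.zip"
NVR_FIX = "DH_NVR6XX-4KS2_MultiLang_V4.001.0000001.1.R.210716.BIN"

# Constructed inventory: (device label, build date read from the web UI, window, fix)
INVENTORY = [
    ("cam-lobby", date(2019, 3, 14), IPC_WINDOW, IPC_FIX),
    ("cam-dock", date(2021, 7, 5), IPC_WINDOW, IPC_FIX),
    ("cam-old", date(2017, 5, 2), IPC_WINDOW, IPC_FIX),
    ("nvr-main", date(2017, 2, 20), NVR_WINDOW, NVR_FIX),
]

def report(inventory=INVENTORY):
    return {label: triage(b, w, f) for label, b, w, f in inventory}
```

A device built on 2021-07-05 falls inside the 2017/7 ~ 2021/7 window by month yet already carries the fix build, which is why the comparison against the fix package's date comes before the window test.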


Fix Software Download

Please download the corresponding fix software, or a newer version of it, as listed in the table above from the Dahua website, or contact Dahua local technical support to upgrade.

· Cloud Upgrade: Dahua products have the capability of cloud upgrade. Relevant repair versions can be obtained through cloud upgrade.

· Dahua Official website: Overseas: https://www.dahuasecurity.com/support/downloadCenter.

· Dahua Technical Support Personnel

Support Resources

For any questions or concerns related to our products and solutions, please contact Dahua DHCC at cybersecurity@dahuatech.com.

We acknowledge the support of Shielder Team and Romain KOSZYK from DIGITEMIS CYBERSECURITY & PRIVACY, who discovered this vulnerability and reported it to DHCC.

Update Record:

2022-02-10 UPDATE v1.2 Update the affected products & fix software

2022-01-19 UPDATE v1.1 Update the affected products & fix software

2022-01-12 INITIAL