Hikvision Vulnerabilities Allow Device Malfunction via Crafted

Jennifer sherman
January 13, 2026

Two newly disclosed stack overflow vulnerabilities present serious security risks for Hikvision, a leading provider of surveillance and access control systems.

These flaws, tracked as CVE-2025-66176 and CVE-2025-66177, allow attackers on the same local area network (LAN) to trigger device malfunctions by sending specially crafted packets. Both carry a high CVSS v3.1 base score of 8.8, indicating significant potential impact without requiring authentication.

Security researchers uncovered these issues in Hikvision’s device Search and Discovery feature, a protocol used for network detection.

Exploitation demands only adjacent network access, such as shared Wi-Fi or office LANs, making it a prime target for insiders or opportunistic hackers. An unpatched device could crash entirely, disrupting critical operations in surveillance setups.

| CVE ID | Affected Products | CVSS v3.1 Base Score | Description |
|---|---|---|---|
| CVE-2025-66176 | Partial Access Control Series Products | 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | Stack overflow in Search and Discovery feature |
| CVE-2025-66177 | Partial NVR, DVR, CVR, IPC Series Products | 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | Stack overflow in Search and Discovery feature |

The vector shows an adjacent-network attack vector (AV:A) and low attack complexity (AC:L): attackers need no privileges (PR:N) and no user interaction (UI:N), and the confidentiality, integrity, and availability impacts are all rated high (C:H/I:H/A:H).

CVE-2025-66176 was reported by a Cisco Talos Team member, while CVE-2025-66177 came from independent researchers Angel Lozano Alcazar and Pedro Guillen Nuñez. Their disclosures underscore ongoing scrutiny of IoT and surveillance gear, where stack overflows have repeatedly enabled denial-of-service attacks.

Hikvision urges immediate patching. Users can download firmware updates from the official support page. The company emphasizes network segmentation and disabling unused discovery features as interim mitigations.

These flaws arrive amid heightened concerns over video surveillance security. Last year saw similar Hikvision advisories, prompting CISA alerts on supply chain risks. Organizations relying on these devices, from smart buildings to public safety, should prioritize scans using tools like Nmap for exposed services.

Experts warn that unpatched systems could lead to broader incidents, such as surveillance blackouts during emergencies. “LAN-adjacent attacks lower the bar for disruption,” noted a Talos spokesperson. As threats evolve, vendors must accelerate zero-trust implementations in embedded systems.
