Dahua surveillance cameras are used throughout many critical infrastructure sectors such as oil & gas, power grids, telecommunications, etc. These cameras are used to oversee many production processes, providing remote visibility to process engineers. Threat actors, nation-state threat groups in particular, could be interested in hacking IP cameras to help gather intel on the equipment or production processes of the target company. This information could aid in reconnaissance conducted prior to launching a cyberattack. With more knowledge of the target environment, threat actors could craft custom attacks that can physically disrupt production processes in critical infrastructure.

The vendor has published details of four vulnerabilities impacting Dahua IP Camera that can allow attackers to seize control of IP cameras.

1. CVE-2022-30560

Base Score: 5.4

When an attacker obtains the administrative account and password, or through a man-in-the-middle attack, the attacker could send a specified crafted packet to the vulnerable interface then lead the device to crash.

2. CVE-2022-30561

Base Score: 5.9

When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in, the attacker could log in to the device by replaying the user’s login packet.

3. CVE-2022-30562

Base Score: 3.7

If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack and redirect to a malicious page.

4. CVE-2022-30563

Base Score: 6.8

When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user’s login packet.The issue affects Dahua’s implementation of the Open Network Video Interface Forum (ONVIF). This vulnerability could be abused by attackers to compromise network cameras by sniffing a previous unencrypted ONVIF interaction and replaying the credentials in a new request towards the camera. Once obtained the credentials, an attacker can add an administrator account and use it to obtain full access to the device and perform actions such as watching live footage

The following versions of Dahua video products, are affected:

Dahua ASI7XXX: Versions prior to v1.000.0000009.0.R.220620
Dahua IPC-HDBW2XXX: Versions prior to v2.820.0000000.48.R.220614
Dahua IPC-HX2XXX: Versions Prior to v2.820.0000000.48.R.220614

The vendor addressed the issue with the release of a patch.

Mike Stevens

Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.

4 critical vulnerabilities in Dahua IP Camera allow to take control of CCTV system remotely. Patch immediately

1. CVE-2022-30560

2. CVE-2022-30561

3. CVE-2022-30562

4. CVE-2022-30563

Critical Vulnerabilities in Cisco ASA & FTD Exposed! Learn How to Exploit CVE-2024-20353 and CVE-2024-20359

Dual Vulnerabilities in Microsoft SharePoint Server: Essential Steps to Mitigate Vulnerabilities

Exploiting the High-Risk Vulnerabilities in Secure Boot of Most Linux Devices on the Planet

Hackers’ New Target is containerized environments through vulnerabilities in runC

Hacking Android, Linux, macOS, iOS, Windows Devices via Bluetooth using a single vulnerability

110 Million AT&T Customers’ Data leaked: Inside the $370,000 Ransom Payment

How Hackers Stole Taylor Swift Tickets: The Full Ticketmaster Breach Story

Dark Web Sale: AMD’s Confidential Data Leaked – Full Story Revealed!

How Snowflake Hack is Linked to Santander(Spain, Chile, Uruguay) and Ticketmaster Breaches.Are You Affected?

Healthcare Hack Horror: Cyberattacks Leave French Hospitals in Chaos for $10 Million

Hacking the Unhackable: The Story of How CISA Was Breached

The Cloudflare Hack: A Hacker, 5000 Credentials, and Operation Code Red

One Man Scammed Spotify, Apple Music for 5 years with 4 BILLION Streams. How Artists Are Earning Millions Illegally?

Comparing CIS v8, CIS AWS Foundations Benchmark v1.5, and PCI DSS v4.0 for CSPM. Which you Should Start With?

MITRE EMB3D Explained: Top Threats to Embedded Devices and How EMB3D Mitigates Them

Google Gemini Under Fire: Critical Security Vulnerabilities You Need to Know to hack Gemini

Cracking SCCM Wide Open: Pentesting System Center Configuration Manager with Misconfiguration Manager

Hacking Windows 10 and 11 with DLL Search Order Hijacking without administrator rights

Hacking SSH Connections by exploiting SSH Protocol Vulnerabilities: Different Terrapin Attack Vectors

Understanding Latest DHCP DNS Vulnerabilities and How DHCP Exploits work in Active Directory

Hacking Bluetooth via MiTM: The BLUFFS Bluetooth attack to hack into Millions of Devices

6 Steps to File Anonymous SEC Complaints Against Data Breachers & Force Them to Pay Fines or Take Action

Inside the Exploit: How Your ChatGPT’s Uploaded Files Could Be Stolen by Prompt Injection Vulnerability

This Google Calendar technique allows to hack into companies without getting detected

This telegram bot is like ChatGPT for scammers to steal money from victims easily

How easy is to bomb someone mobile phone with thousands of SMS messages?

This new DDoS attack prevention technique has a 99% accuracy rate

The Dark Side of PDFs: How Opening a Simple PDF Could Unleash a Cybersecurity Nightmare

Largest soft drink bottle supplier, recycle and plastic manufacturers hacked by ransomware

Visited thesaurus.com in search for Synonyms? You have Coinminer malware infection

How to send malware via Teams, even “Safe Attachments” or “Safe Links” can’t protect you

2 Big Cloud hosting companies shutdown by ransomware and lose all customer data