Multiple vulnerabilities in Hitron Systems Security Camera DVRs
| Risk | Critical |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2024-22768 CVE-2024-22769 CVE-2024-22770 CVE-2024-22771 CVE-2024-22772 CVE-2024-23842 |
| CWE-ID | CWE-1392 |
| Exploitation vector | Local network |
| Public exploit |
Vulnerability #1 is being exploited in the wild. Vulnerability #2 is being exploited in the wild. Vulnerability #3 is being exploited in the wild. Vulnerability #4 is being exploited in the wild. Vulnerability #5 is being exploited in the wild. Vulnerability #6 is being exploited in the wild. |
| Vulnerable software Subscribe |
DVR HVR-4781 Hardware solutions / Other hardware appliances DVR HVR-8781 Hardware solutions / Other hardware appliances DVR HVR-16781 Hardware solutions / Other hardware appliances DVR LGUVR-4H Hardware solutions / Other hardware appliances DVR LGUVR-8H Hardware solutions / Other hardware appliances DVR LGUVR-16H Hardware solutions / Other hardware appliances |
| Vendor | Hitron Systems |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Use of default credentials
EUVDB-ID: #VU85939
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-22768
CWE-ID:
CWE-1392 - Use of Default Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.
Note, the vulnerability is being actively exploited in the wild by the Mirai botnet.
Install updates from vendor's website.
Vulnerable software versionsDVR HVR-4781: 1.03 - 4.02
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
http://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
2) Use of default credentials
EUVDB-ID: #VU85940
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-22769
CWE-ID:
CWE-1392 - Use of Default Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.
Note, the vulnerability is being actively exploited in the wild by the Mirai botnet. MitigationInstall updates from vendor's website.
Vulnerable software versionsDVR HVR-8781: 1.03 - 4.02
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
http://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
3) Use of default credentials
EUVDB-ID: #VU85941
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-22770
CWE-ID:
CWE-1392 - Use of Default Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.
Note, the vulnerability is being actively exploited in the wild by the Mirai botnet. MitigationInstall updates from vendor's website.
Vulnerable software versionsDVR HVR-16781: 1.03 - 4.02
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
http://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
4) Use of default credentials
EUVDB-ID: #VU85942
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-22771
CWE-ID:
CWE-1392 - Use of Default Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.
Note, the vulnerability is being actively exploited in the wild by the Mirai botnet. MitigationInstall updates from vendor's website.
Vulnerable software versionsDVR LGUVR-4H: 1.02 - 4.02
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
http://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
5) Use of default credentials
EUVDB-ID: #VU85943
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-22772
CWE-ID:
CWE-1392 - Use of Default Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.
Note, the vulnerability is being actively exploited in the wild by the Mirai botnet. MitigationInstall updates from vendor's website.
Vulnerable software versionsDVR LGUVR-8H: 1.02 - 4.02
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
http://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
6) Use of default credentials
EUVDB-ID: #VU85944
Risk: Critical
CVSSv3.1: 9.2 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2024-23842
CWE-ID:
CWE-1392 - Use of Default Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to usage of default administrative credentials. A remote attacker can use default credentials to compromise the affected device.
Note, the vulnerability is being actively exploited in the wild by the Mirai botnet. MitigationInstall updates from vendor's website.
Vulnerable software versionsDVR LGUVR-16H: 1.02 - 4.02
External linkshttp://www.cisa.gov/news-events/ics-advisories/icsa-24-030-04
http://www.akamai.com/blog/security-research/2024/jan/hitron-zero-day-vulnerability-spreading-mirai-patched
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
