Chinese video surveillance company Hikvision has patched a critical vulnerability in some of its wireless bridge products. The flaw can lead to remote CCTV hacking, according to the researchers who found it.
In an advisory published on December 16, Hikvision revealed that two of its wireless bridge products, designed for elevator and other video surveillance systems, are affected by CVE-2022-28173, a critical access control vulnerability.
The security hole can be exploited by sending specially crafted messages to affected devices, allowing the attacker to gain administrator permissions.
Firmware patches have been made available for DS-3WF0AC-2NT and DS-3WF01C-2N/O products. The issue was reported to the vendor in September through CERT India and a patch was released earlier this month.
