An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an attacker to trigger Fastjson's auto-type feature to load arbitrary Java classes. By referencing a malicious class via an LDAP URL, an attacker can achieve remote code execution on the underlying system.
Reserved 2025-04-15 | Published 2025-07-02 | Updated 2025-07-02 | Assigner VulnCheck
CWE-502 Deserialization of Untrusted Data
github.com/... applyCT Fastjson远程命令执行漏洞.md
s4e.io/tools/hikvision-applyct-remote-code-execution
vulncheck.com/...vision-hik-central-remote-command-execution