Home

Description

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

PUBLISHED Reserved 2025-11-24 | Published 2026-01-13 | Updated 2026-01-13 | Assigner hikvision




HIGH: 8.8CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Product status

Versions below V3.7.80
affected

Versions below V3.7.80
affected

Versions below V3.7.80
affected

Versions below V3.7.80
affected

Versions below V3.7.80
affected

Versions below V3.7.80
affected

Versions below V3.3.180
affected

Versions below V4.48.0
affected

Versions below V1.4.21
affected

Versions below V1.4.22
affected

Versions below V1.4.21
affected

Versions below V1.4.22
affected

Versions below V1.4.23
affected

Versions below V1.3.65
affected

Versions below V4.48.0
affected

Versions below V3.25.40
affected

Versions below V3.9.40
affected

Versions below V4.23.41
affected

Versions below V4.37.40
affected

Credits

Cisco Talos Team finder

References

www.hikvision.com/...erabilities-in-some-hikvision-products/

cve.org (CVE-2025-66176)

nvd.nist.gov (CVE-2025-66176)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.