Ilya Smith, a Positive Technologies expert, discovered and helped to fix a critical vulnerability in firmware of Dahua IP cameras, which are widely used for video surveillance in banking, energy, telecommunication, transport, smart home systems, and other areas. This problem affects hundreds of thousands of cameras all over the world produced by Dahua both under its own brand and as OEM models for other brands.
A vulnerability CVE-2017-3223 gained the highest CVSS base score of 10. This security flaw occurs due to buffer overflow in the Sonia web interface designed for remote control of the IP camera. An unauthorised user may submit a crafted POST request to the vulnerable web interface and gain privileged access remotely, which means unlimited control over the IP camera.
"This vulnerability allows any actions with the camera via software: intercept and modify video traffic, add a device into botnet to conduct a DDoS attack like Mirai, and much more. Dahua is the second largest manufacturer of IP cameras and DVR in the world, but the discovered vulnerability can be easily exploited, which once again demonstrates the actual IoT security level," says Ilya Smith, a senior research expert with Positive Technologies.
The vulnerability is discovered in IP cameras with DH_IPC-ACK-Themis_Eng_P_V2.400.0000.14.R.20170713 and older firmware versions. To fix this bug, update the firmware to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621. You can find further information on the CERT website of Carnegie Mellon University.
According to the research by Positive Technologies, malicious users can get access to over 3.5 million IP cameras all over the world. Moreover, about 90 percent of all DVR systems currently used by small and medium-sized businesses for video surveillance contain certain vulnerabilities and thus can be hacked.
This is not the first case of partnership between the two companies. In 2013, Positive Technologies helped to identify and fix multiple vulnerabilities in Dahua DVR.