CVE-2025-66173

There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.3 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:hikvision:ds-7104hghi-f1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-7104hghi-f1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-7204hghi-f1:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-12-19 07:16

Updated : 2025-12-23 21:45

NVD link : CVE-2025-66173

Mitre link : CVE-2025-66173

CVE.ORG link : CVE-2025-66173

JSON object : View

Products Affected

hikvision

ds-7104hghi-f1_firmware
ds-7204hghi-f1
ds-7104hghi-f1
ds-7204hghi-f1_firmware

CWE

CWE-269

Improper Privilege Management

{"id": "CVE-2025-66173", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "hsrc@hikvision.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.3}]}, "published": "2025-12-19T07:16:01.643", "references": [{"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/", "tags": ["Vendor Advisory"], "source": "hsrc@hikvision.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-269"}]}], "descriptions": [{"lang": "en", "value": "There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment."}], "lastModified": "2025-12-23T21:45:17.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hikvision:ds-7104hghi-f1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E24B2885-8FBF-4738-8C7A-1C8DB3823EE5", "versionEndIncluding": "4.30.122_201107"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hikvision:ds-7104hghi-f1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8104E12A-CD97-4F8F-9A76-8CD308B9F98A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DA771B5-1C67-4A32-90B2-A7E0E9C194F7", "versionEndIncluding": "4.30.122_201107"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hikvision:ds-7204hghi-f1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DF801EB-DDBF-44C6-84BB-9D903FEBEAC8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hsrc@hikvision.com"}