CVE-2025-66174

There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:hikvision:ds-7104hghi-f1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-7104hghi-f1:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-7204hghi-f1:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-12-19 07:16

Updated : 2025-12-23 21:45

NVD link : CVE-2025-66174

Mitre link : CVE-2025-66174

CVE.ORG link : CVE-2025-66174

JSON object : View

Products Affected

hikvision

ds-7104hghi-f1_firmware
ds-7204hghi-f1
ds-7104hghi-f1
ds-7204hghi-f1_firmware

CWE

CWE-287

Improper Authentication

{"id": "CVE-2025-66174", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "hsrc@hikvision.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2025-12-19T07:16:01.817", "references": [{"url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/", "tags": ["Vendor Advisory"], "source": "hsrc@hikvision.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands."}], "lastModified": "2025-12-23T21:45:04.027", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hikvision:ds-7104hghi-f1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E24B2885-8FBF-4738-8C7A-1C8DB3823EE5", "versionEndIncluding": "4.30.122_201107"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hikvision:ds-7104hghi-f1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8104E12A-CD97-4F8F-9A76-8CD308B9F98A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:hikvision:ds-7204hghi-f1_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DA771B5-1C67-4A32-90B2-A7E0E9C194F7", "versionEndIncluding": "4.30.122_201107"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:hikvision:ds-7204hghi-f1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DF801EB-DDBF-44C6-84BB-9D903FEBEAC8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "hsrc@hikvision.com"}