Threat actors might exploit vulnerable Dahua Cameras from afar

Threat actors vulnerability exploit Dahua Camera CCTV surveillance

Recently, research revealed that two authentication bypass vulnerabilities were present in the unpatched Dahua cameras. The said vulnerabilities have a possibility of a remote attack from malicious threat actors. 

Meanwhile, Dahua Technology is a solution provider in the video surveillance industry. The security camera company covers various sectors such as banking and finance, industrial, retail, government, and leisure. 

As mentioned earlier, the current concerns regarding the company are the authentication bypass flaws identified as CVE-2021-33044 and CVE-2021-33045. These vulnerabilities are classified as dangerous flaw to the system since it is exploitable by a remote threat actor. It can be exploited during the login process by sending crafted data packets to the vulnerable target device. 

 

After discovering the flaw, Dahua released an advisory that advised thousands of owners of the vulnerable models to upgrade their firmware.

 

However, considering how neglected these devices are following their initial setup, it is more likely that most of them are currently running the old and exploitable version. 

The research team also added that the list of affected models is extensive and covers many Dahua cameras, including some thermal variety. They also confirmed that they found almost 1.2 million Dahua systems globally. They also clarified that not all devices are exploitable by threat actors, but the vulnerability affects many deployed models. 

 

The U.S. Department of Commerce long-banned Dahua Technology 

Since October 2019, Dahua Technology has been banned from conducting business and product selling in the United States of America. The United States Department of Commerce noted that the Chinese surveillance camera vendor is classified as an ‘Entity List.’ 

Despite the banning of the U.S. Government from the said company, there are still thousands of Dahua cameras currently used inside the United States’ territory. Despite the prohibition, this is made possible due to an American and Canadian security camera seller currently using the Dahua hardware and software. 

 

What are the possible remedies for avoiding exploitation? 

Aside from upgrading your Dahua camera to its latest version, you can also change your password to an even stronger one. If you retain the default password, it is easier for threat actors to access your video feeds. 

In addition to changing the password, we advise you to enable WPA2 encryption if the cameras are wireless and set up an isolated network for your IoTs. 

About the author

iZOOlogic

Leave a Reply