CVE-2017-7921

CVE

Critical KEVConfirmedExploit available

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I…

CVSS

9.8

Critical

EPSS

0.94

p99

Published

2017-01-01

Updated

2026-03-05

Description

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5.2.0 build 140805 to V5.4.5 Build 160928, and DS-2CD63xx Series V5.0.9 build 140305 to V5.3.5 Build 160106 devices. The improper authentication vulnerability occurs when an application does not adequately or correctly authenticate users. This may allow a malicious user to escalate his or her privileges on the system and gain access to sensitive information.

Tags · CWE

KEVPre-auth

CWE-287

CAPEC-22

CAPEC-57

CAPEC-94

CAPEC-114

CAPEC-115

CAPEC-151

CAPEC-194

CAPEC-593

CAPEC-633

CAPEC-650

Affected products

Ds-2cd2032-i_firmwareDs-2cd2112-i_firmwareDs-2cd2132-i_firmwareDs-2cd2212-i5_firmwareDs-2cd2232-i5_firmwareDs-2cd2312-i_firmwareDs-2cd2332-i_firmwareDs-2cd2412f-i(w)_firmwareDs-2cd2432f-i(w)_firmwareDs-2cd2512f-i(s)_firmwareDs-2cd2532f-i(s)_firmwareDs-2cd2612f-i(s)_firmwareDs-2cd2632f-i(s)_firmwareDs-2cd2712f-i(s)_firmwareDs-2cd2732f-i(s)_firmwareDs-2cd2t32-i3_firmwareDs-2cd2t32-i5_firmwareDs-2cd2t32-i8_firmwareDs-2cd4012f-(a)_firmwareDs-2cd4012f-(p)_firmware

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

2017-01-01

Published

2026-03-05

Added to KEV

2026-03-05

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.942 · p99

Known exploited (KEV)

Yes

MITRE ATT&CK

Inferred via CAPEC

T1040Network Sniffing

└ via CAPEC-57 · CWE-287

T1134Access Token Manipulation

└ via CAPEC-633 · CWE-287

T1185Browser Session Hijacking

└ via CAPEC-593 · CWE-287

T1505.003Web Shell

└ via CAPEC-650 · CWE-287

T1548Abuse Elevation Control Mechanism

└ via CAPEC-114 · CWE-287

T1550.001Application Access Token

└ via CAPEC-593 · CWE-287

T1557Adversary-in-the-Middle

└ via CAPEC-94 · CWE-287

T1563Remote Service Session Hijacking

└ via CAPEC-593 · CWE-287

Known exploits — Сканер-ВС

CVE-2017-7921

cisa · https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Enterprise

Affected software

Product	Vendor	Status
ds-2cd2032-i_firmware	*	Exploited
ds-2cd2112-i_firmware	*	Exploited
ds-2cd2132-i_firmware	*	Exploited
ds-2cd2212-i5_firmware	*	Exploited
ds-2cd2232-i5_firmware	*	Exploited
ds-2cd2312-i_firmware	*	Exploited
ds-2cd2332-i_firmware	*	Exploited
ds-2cd2412f-i(w)_firmware	*	Exploited
ds-2cd2432f-i(w)_firmware	*	Exploited
ds-2cd2512f-i(s)_firmware	*	Exploited
ds-2cd2532f-i(s)_firmware	*	Exploited
ds-2cd2612f-i(s)_firmware	*	Exploited
ds-2cd2632f-i(s)_firmware	*	Exploited
ds-2cd2712f-i(s)_firmware	*	Exploited
ds-2cd2732f-i(s)_firmware	*	Exploited
ds-2cd2t32-i3_firmware	*	Exploited
ds-2cd2t32-i5_firmware	*	Exploited
ds-2cd2t32-i8_firmware	*	Exploited
ds-2cd4012f-(a)_firmware	*	Exploited
ds-2cd4012f-(p)_firmware	*	Exploited

Source databases

CVE

Related vulnerabilities

BDU:2021-01212