← back
CVE-2025-66176

CVE-2025-66176

CVSS 8.8 HIGHEPSS 0.5%CWE-121
There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Hikvision · DS-K1T201A/K1T105AHikvision · DS-K1T320/DS-K1T321Hikvision · DS-K1T323/DS-K1T510Hikvision · DS-K1T331Hikvision · DS-K1T341A/K1T341BHikvision · DS-K1T341CHikvision · DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43Hikvision · DS-K1T670/K1T673Hikvision · DS-K1T671/K5671Hikvision · DS-K1T672Hikvision · DS-K1T680Hikvision · DS-K1T8003Hikvision · DS-K1T8003/8004Hikvision · DS-K1T8005/DS-K1T808Hikvision · DS-K1T804AHikvision · DS-K1T804BHikvision · DS-K1T981Hikvision · DS-K5033

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2281