Buffer Overflow Vulnerability in Dahua IP Camera Devices
CVE-2019-9676

7.8HIGH

Key Information:

Vendor: Dahuasecurity
Status: Ipc-hfw1xxx,ipc-hdw1xxx,ipc-hfw2xxx
Vendor: CVE Published:; 12 June 2019

🔔 Create Dahuasecurity Vulnerability Alert

What is CVE-2019-9676?

A buffer overflow vulnerability has been identified in specific Dahua IP Camera models that could allow attackers to exploit the device after local login. This vulnerability exists in the serial port printing functionality, which is not utilized by the core functions of the device. If successfully exploited, it could lead to unexpected device restarts or even arbitrary code execution. Dahua has taken steps to address this issue through a security audit and has released updated firmware versions that eliminate the affected functionality in newer devices.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11

References

https://www.dahuasecurity.com/support/cybersecurity/detai...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 12, 2019
Vulnerability Reserved
Mar 11, 2019

JSON

Dahuasecurity

What is CVE-2019-9676?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.