Buffer Overflow Vulnerability in Dahua Security Devices
CVE-2020-9499

7.2HIGH

Key Information:

Vendor: Dahuasecurity
Status: Ipc-hx2xxx Series,ipc-hxxx5x4x Series,ipc-hx5842h,ipc-hx7842h,nvr 5x Series,nvr 4x Series,sd6al Series,sd5a Series,sd1a Series,ptz1a Series,sd50/52c Series
Vendor: CVE Published:; 9 April 2020

🔔 Create Dahuasecurity Vulnerability Alert

What is CVE-2020-9499?

Certain Dahua security products are susceptible to buffer overflow vulnerabilities. When a legitimate user logs in, an attacker may exploit this vulnerability by sending a specific Dynamic Domain Name System (DDNS) test command, which can lead to a crash of the affected device. This underscores the importance of keeping devices updated and secured to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

IPC-HX2XXX Series,IPC-HXXX5X4X Series,IPC-HX5842H,IPC-HX7842H,NVR 5x Series,NVR 4x Series,SD6AL Series,SD5A Series,SD1A Series,PTZ1A Series,SD50/52C Series Versions which Build time before December,2019

References

https://www.dahuasecurity.com/support/cybersecurity/detai...

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 9, 2020
Vulnerability Reserved
Mar 1, 2020

JSON

Dahuasecurity

What is CVE-2020-9499?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.