Identity Authentication Bypass in Dahua Products
CVE-2021-33044

9.8CRITICAL

Key Information:

Vendor

Dahuasecurity

Status
Some Dahua Ip Camera, Video Intercom, Ptz Dome Camera, Thermal Camera Devices
Vendor
CVE Published:
15 September 2021

Badges

πŸ‘Ύ Exploit Exists🟑 Public PoC🟣 EPSS 94%πŸ¦… CISA Reported

What is CVE-2021-33044?

A vulnerability affecting various Dahua security devices allows attackers to bypass the authentication mechanism during the login process. By crafting malicious data packets, attackers can exploit this flaw to gain unauthorized access to sensitive device functionalities, potentially compromising the security and integrity of surveillance systems. Users of Dahua products should take immediate measures to update their devices and bolster their security protocols to mitigate risks associated with this vulnerability.

CISA has reported CVE-2021-33044

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2021-33044 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Some Dahua IP Camera, Video Intercom, PTZ Dome Camera, Thermal Camera devices Dahua IP Camera devices IPC-HX3XXX, IPC-HX5XXX, and IPC-HUM7XXX, Video Intercom devices VTO75X95X, VTO65XXX, and VTH542XH, PTZ Dome Camera SD1A1, SD22, SD49, SD50, SD52C, and SD6AL, Thermal TPC-BF1241, TPC-BF2221, TPC-SD2221, TPC-BF5XXX, TPC-SD8X21, and TPC-PT8X21B devices Buildtime before June, 2021.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

DahuaLoginBypass
Created by bp2008

CVE-2021-33044
Created by dorkerdevil

dahua-cve-research
Created by umair-aziz025

References

https://www.dahuasecurity.com/support/cybersecurity/detai...
x_refsource_MISC
http://seclists.org/fulldisclosure/2021/Oct/13
mailing-listx_refsource_FULLDISC
http://packetstormsecurity.com/files/164423/Dahua-Authent...
x_refsource_MISC

EPSS Score

94% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ¦…

    CISA Reported

  • 🟑

    Public PoC available

  • πŸ‘Ύ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.