Buffer Overflow Vulnerability in Dahua Products
CVE-2025-31700

8.1HIGH

Key Information:

Vendor: Dahua
Status: Ipc; Sd
Vendor: CVE Published:; 23 July 2025

What is CVE-2025-31700?

A vulnerability has been identified within Dahua Security Systems, which manifests as a buffer overflow issue. Attackers can potentially exploit this vulnerability by sending specially crafted malicious packets to targeted devices, which may lead to service disruptions, including crashes, or enable remote code execution (RCE). While some devices implement security mechanisms like Address Space Layout Randomization (ASLR) to mitigate RCE risks, the threat of denial-of-service (DoS) attacks persists, necessitating immediate attention from users to ensure system security.

Affected Version(s)

IPC Affected products include certain models from the IPC-1XXX, IPC-2XXX, IPC-WX, and IPC-ECXX series, and limited to versions which build time before April 16, 2025.

SD Affected products include certain models from the SD3A, SD2A, SD3D, SDT2A, and SD2C series, and limited to versions which build time before April 16, 2025.

References

https://www.dahuasecurity.com/aboutUs/trustedCenter/detai...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2025
Vulnerability Reserved
Apr 1, 2025