Remote Command Execution Vulnerability in Hikvision Integrated Security Management Platform
CVE-2025-34067
What is CVE-2025-34067?
CVE-2025-34067 is a critical vulnerability that affects the Hikvision Integrated Security Management Platform, a widely used solution for managing and monitoring integrated security systems, including surveillance cameras and access controls. This vulnerability arises from the application's use of a flawed version of the Fastjson library within the applyCT component. Specifically, it allows unauthenticated remote command execution due to improper deserialization of untrusted user input on the endpoint /bic/ssoService/v1/applyCT. By taking advantage of this flaw, an attacker can manipulate the system to invoke Fastjson's auto-type feature, enabling the loading of arbitrary Java classes from a malicious LDAP URL, which can result in remote code execution on the underlying system.
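The mechanism above (Fastjson auto-type on the applyCT endpoint, with remote class loading over LDAP) gives a defender a concrete pattern to look for in request logs. The following is an added detection example written for this page, not code from the advisory or from Hikvision: it classifies request records by whether a Fastjson auto-type marker (the `@type` key, which is how Fastjson selects the class to instantiate) reaches the vulnerable endpoint, and raises the severity when the same body also carries an `ldap://` or `rmi://` URL. The record format (`method`, `path`, `body` fields, as a reverse proxy or WAF might log them), the class names and the hosts in the samples are all constructed assumptions.

```python
import json
import re

# Endpoint named in the advisory for CVE-2025-34067.
VULNERABLE_ENDPOINT = "/bic/ssoService/v1/applyCT"

# Fastjson's auto-type feature is selected by the "@type" key in a JSON
# object, which names the Java class to instantiate. Remote class loading,
# as the advisory describes, is reached through a JNDI reference, so an
# ldap:// or rmi:// URL in the same body raises the severity.
AUTOTYPE_KEY = "@type"
JNDI_SCHEME = re.compile(r"\b(?:ldap|ldaps|rmi)://", re.IGNORECASE)


def find_autotype_values(obj):
    """Recursively collect every string bound to an '@type' key."""
    found = []
    if isinstance(obj, dict):
        for key, value in obj.items():
            if key == AUTOTYPE_KEY and isinstance(value, str):
                found.append(value)
            found.extend(find_autotype_values(value))
    elif isinstance(obj, list):
        for item in obj:
            found.extend(find_autotype_values(item))
    return found


def classify_request(record):
    """Classify one request record (assumed fields: method, path, body).

    severity is 'none' for traffic that does not match, 'suspicious' when an
    auto-type marker reaches the vulnerable endpoint, and 'high' when the
    same body also carries a JNDI URL, the combination the advisory describes.
    """
    verdict = {"severity": "none", "types": [], "jndi_url": False}
    path = str(record.get("path", "")).split("?", 1)[0]
    if path != VULNERABLE_ENDPOINT:
        return verdict
    body = str(record.get("body", ""))
    try:
        parsed = json.loads(body)
    except ValueError:
        # Fastjson would reject this too, but a malformed probe that still
        # contains the marker is worth a look.
        if AUTOTYPE_KEY in body:
            verdict["severity"] = "suspicious"
        return verdict
    verdict["types"] = find_autotype_values(parsed)
    verdict["jndi_url"] = bool(JNDI_SCHEME.search(body))
    if verdict["types"]:
        verdict["severity"] = "high" if verdict["jndi_url"] else "suspicious"
    return verdict


def scan(records):
    """Return (index, verdict) for every record whose severity is not 'none'."""
    hits = []
    for i, record in enumerate(records):
        verdict = classify_request(record)
        if verdict["severity"] != "none":
            hits.append((i, verdict))
    return hits


# Constructed sample records (not real traffic). Class names are placeholders
# and 203.0.113.5 is a documentation-range address.
SAMPLE_RECORDS = [
    {"method": "POST", "path": VULNERABLE_ENDPOINT,
     "body": '{"ticket": "abc123", "user": "operator"}'},
    {"method": "POST", "path": VULNERABLE_ENDPOINT,
     "body": '{"ticket": {"@type": "com.example.PlaceholderClass", "x": 1}}'},
    {"method": "POST", "path": VULNERABLE_ENDPOINT + "?lang=en",
     "body": '{"ticket": {"@type": "com.example.PlaceholderClass", '
             '"ref": "ldap://203.0.113.5:1389/obj"}}'},
    {"method": "POST", "path": "/bic/other/v1/status",
     "body": '{"@type": "com.example.PlaceholderClass"}'},
    {"method": "POST", "path": VULNERABLE_ENDPOINT,
     "body": '{"@type": "com.example.PlaceholderClass", broken'},
]

if __name__ == "__main__":
    for index, verdict in scan(SAMPLE_RECORDS):
        print(index, verdict["severity"], verdict["types"], verdict["jndi_url"])
```

The endpoint filter keeps the rule narrow enough to avoid noise from other JSON APIs, while the unparsable-body branch still catches malformed probing. In practice a `suspicious` hit on a patched system is still worth reviewing, because a legitimate client of this endpoint has no reason to send an `@type` key.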
This vulnerability could severely impact organizations by enabling malicious actors to execute commands on their security management systems without any authentication. Consequently, the integrity and confidentiality of sensitive data could be compromised, leading to unauthorized access to surveillance feeds and security controls.
Potential impact of CVE-2025-34067
- Unauthorized Remote Control: Attackers can gain complete control over the security management system, potentially allowing them to manipulate or shut down security measures such as alarms, locks, and monitoring systems.
- Data Breach Risks: The vulnerability opens the door for data breaches, as attackers could access sensitive information, including surveillance footage and credential databases, risking organizational security and compliance with data protection laws.
- Increased Malware Propagation: Successful exploitation could serve as a foothold for further attacks within an organization's network, allowing adversaries to deploy malicious software, including ransomware, potentially leading to widespread system compromise and data loss.
Affected Version(s)
Integrated Security Management Platform 0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.