Stack Overflow Vulnerability in Hikvision Access Control Products
CVE-2025-66176
8.8 HIGH
What is CVE-2025-66176?
A stack overflow vulnerability exists in the Search and Discovery feature of Hikvision Access Control Products. This issue can allow an attacker on the same local area network to send specially crafted packets to an unpatched device, potentially causing it to malfunction. It is crucial for users to ensure their devices are updated to protect against such attacks.
Affected Version(s)
DS-K1T201A/K1T105A Versions below V1.3.65
DS-K1T320/DS-K1T321 Versions below V3.9.40
DS-K1T323/DS-K1T510 Versions below V4.23.41
CVSS V3.1
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Cisco Talos Team
