The Information Security Administration has just warned about a serious vulnerability in Hikvision’s IP camera product. This vulnerability is estimated to affect more than 100 million devices globally, including Vietnam.
In warning information about serious security holes in IP cameras Hikvision sent to specialized IT units of ministries, branches and localities; state corporations and corporations; banks, financial institutions and a system of specialized units in charge of information security today, September 22, the Information Security Department, Ministry of Information and Communications said, Hikvision on September 19 announced announced security vulnerability CVE-2021-36260 in IP camera product.
|According to the NCSC Center, the possibility that the exploit code of the CVE-2021-36260 security flaw will soon be publicly available on the Internet in the near future (Artwork).|
Recognized by experts as a serious vulnerability, vulnerability CVE-2021-36260 in Hikvision cameras allows attackers to execute code remotely without authentication, thereby taking full control of the device, through through which can access and attack the internal network of the agency or organization.
Currently, IP cameras are widely used by agencies, organizations and businesses. According to preliminary assessment from security experts, vulnerability CVE-2021-36260 affects more than 100 million devices globally, including Vietnam. Therefore, this vulnerability has a large impact and can pose a risk to critical infrastructure.
Notably, the National Cybersecurity Monitoring Center under the Department of Information Security, Ministry of Information and Communications assessed: The possibility that the exploit code of the CVE-2021-36260 security vulnerability will soon be publicly available on the Internet in the coming months. next time.
In order to ensure information security for the information system of their units, contributing to ensuring the safety of Vietnam’s cyberspace, the Information Security Administration recommends that agencies, organizations and enterprises check, Review and identify information systems used and information systems connected to Hikvision IP camera equipment. If used, the unit needs to update the software, separate the network range for the camera and restrict access to other network bands.
Agencies, units and businesses are also recommended to strengthen supervision and have ready-made solutions when detecting signs of being exploited or hacked; at the same time, regularly monitor the warning channels of authorities and large organizations on information security to promptly detect cyberattack risks.
In case of needing assistance, agencies, units and businesses should contact the Information Security Administration’s support focal point: the National Cyber Security Monitoring Center (NCSC) at phone number 02432091616 and box. email [email protected]
Lithuania advises people not to use Chinese phones
Lithuania’s Ministry of Defense advises consumers to avoid buying Chinese mobile phones and advises people to throw away their phones after a government report found the devices came pre-installed with censorship software. .