Advisory ID: DHCC-SA-202302-001
First Published: 2023-02-08
Summary
Some Dahua embedded products are affected by a vulnerability that allows unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time.
CVE ID
CVE-2022-30564
Vulnerability Score
The vulnerability has been classified using the CVSS v3.1 scoring system (http://www.first.org/cvss/specification-document).
CVE-2022-30564
Base Score: 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Temporal Score: 4.6 (E:U/RL:O/RC:C)
Affected Products & Fix Software
The following product series and models are currently known to be affected.
Affected Model | Affected Version | Fix Software |
IPC-HX5XXX IPC-HX7XXX | Versions with a build time between 2018/12/01 and 2020/12/21 | DH_IPC-HFW7XXX-E3-Fafnir_MultiLang_PN_Stream4_V2.800.0000000.4.R.210708.zip DH_IPC-HX5XXX-Volt_MultiLang_PN_Stream3_V2.840.0000000.18.R.220629.zip DH_IPC-HX5XXX-Volt_MultiLang_NP_Stream3_V2.840.0000000.18.R.220629.zip |
SD5A, SD22, SD59 | Versions with a build time between 2018/10/27 and 2021/05/08 | DH_SD-Prometheus_MultiLang_PN_Stream3_V2.812.0000032.2.R.220804.zip DH_SD-Prometheus_MultiLang_NP_Stream3_V2.812.0000032.2.R.220804.zip DH_SD-Eos-Civil_MultiLang_PN_Stream3_V2.813.0000017.0.R.220928.zip DH_SD-Eos-Civil_MultiLang_NP_Stream3_V2.813.0000017.0.R.220928.zip DH_SD-Eos_MultiLang_PN_Stream3_V2.812.0000017.0.R.220928.zip DH_SD-Eos_MultiLang_NP_Stream3_V2.812.0000017.0.R.220928.zip |
NVR5XXX-I NVR5XXX-I/L NVR4XXX-I NVR2XXX-I | Versions with a build time between 2018/04/29 and 2021/05/12 | DH_NVR5XXX-I_MultiLang_V4.002.0000000.3.R.221122.zip DH_NVR5XXX-IL_MultiLang_V4.002.0000000.4.R.221122.zip DH_NVR4XXX-I_MultiLang_V4.002.0000000.3.R.221122.zip DH_NVR2XXX-I_Mul_V4.002.0000000.3.R.221122.zip |
XVRXXXX-I2 XVRXXXX-X | Versions with a build time between 2019/06/15 and 2021/10/24 | DH_XVR5x04-I2_MultiLang_V4.001.0000003.3.R.221124.zip DH_XVR5x08-I2_MultiLang_V4.001.0000003.3.R.221124.zip DH_XVR5x16-I2_MultiLang_V4.001.0000005.1.R.221123.zip DH_XVR7x16-I2_MultiLang_V4.001.0000005.1.R.221123.zip DH_XVR7x32-I2_MultiLang_V4.001.0000005.1.R.221123.zip DH_XVR5x08-X_MultiLang_V4.001.0000000.16.R.221124.zip DH_XVR5x16-X_MultiLang_V4.001.0000000.16.R.221124.zip DH_XVR7x16-X_MultiLang_V4.001.0000000.16.R.221124.zip DH_XVR4x04-X1(2.0)_MultiLang_V4.001.0000000.16.R.221124.zip DH_XVR5x04-X1(2.0)_MultiLang_V4.001.0000000.16.R.221124.zip DH_XVR5x08-I_MultiLang_V4.001.0000000.11.R.221124.zip DH_XVR5x16-I_MultiLang_V4.001.0000000.11.R.221124.zip DH_XVR7x16-I_MultiLang_V4.001.0000000.11.R.221124.zip DH_XVR5x04-I_MultiLang_V4.001.0000000.11.R.221124.zip |
Note: Log in to the web interface of the device to view the build time, which is shown on the Settings-System Information-Version Information page (setting-systeminfo-version).
Fix Software Download
Please download the corresponding fix software, or a newer version, as listed in the table above from the Dahua website, or contact Dahua local technical support to upgrade.
• Cloud Upgrade: For products with cloud upgrade capability, the corresponding fix version will be pushed successively through cloud upgrade within 30 working days.
• Dahua official website: https://www.dahuasecurity.com/support/downloadCenter
• Dahua Technical Support Personnel.
Support Resources
For any questions or concerns related to our products and solutions, please contact Dahua DHCC at cybersecurity@dahuatech.com.
Acknowledgment
We acknowledge the support of Souvik Kandar and Arko Dhar from Redinent Innovations, India, who discovered this vulnerability. We also acknowledge the cooperation of the National Computer Emergency Response Team of India (CERT-In), which reported it to DHCC and coordinated with us to handle this vulnerability.
Revision History
Version | Description | Date |
V1.0 | Initial public release | 2023-02-08 |