More than 80,000 Hikvision cameras used by 2,300 organizations across 100 countries remain vulnerable to an easily exploitable critical command injection bug, tracked as CVE-2021-36260, which has been fixed by the vendor last September, BleepingComputer
Most of the unpatched Hikvision cameras were observed in China and the U.S., but vulnerable instances were also prevalent in Vietnam, the U.K., Ukraine, Thailand, South Africa, France, the Netherlands, and Romania, according to a report from CYFIRMA. Moreover, numerous threat actors, including Chinese hacking operations APT10 and APT41
, and Russian cyberespionage groups, have been exploiting the flaw, while network entrance points dependent on the vulnerable cameras have been peddled on Russian-speaking forums.
"From an External Threat Landscape Management (ETLM) analogy, cybercriminals from countries that may not have a cordial relation with other nations could use the vulnerable Hikvision camera products to launch a geopolitically motivated cyber warfare," said CYFIRMA. Hikvision operators have been urged to ensure latest firmware update installation, strong passwords, and IoT network isolation.