Security Notice - Uniview - Leader of AIoT Solution

Home

Security Notice

Security Advisory - Security Risks Found in Certain Uniview Products

2022-08-02

Uniview considers cyber security as top priority. We believes that transparency and awareness are the keys to build strong cyber security. Recently, three cyber security related vulnerabilities are reported by individual security researcher Knud Højgaard. Uniview’s cyber security teams and R&D teams immediately investigated the situation, developed a patch upgrade that fixes the vulnerabilities.

Uniview recognizes and values the importance of data and cyber security, and will spare no time to keep them safe for our customers. A team of experts and professionals here at Uniview are responsible for keeping close monitor to any potential vulnerability on a regular basis. Strict procedures and regulations have been applied to ensure timely notification and fast responses if any vulnerability is spotted.

Meanwhile, please upgrade to the patched version, do not hestitate to contact the equipment purchase channel, Uniview 400 hotline or regional after-sales service personnel if you need any help.

For products with cloud upgrade capability, related repair versions can be obtained through cloud upgrade.

SA ID: USRC-202208-01

Summary

The following security vulnerabilities are found in certain products.

Vulnerability 1: Device credentials can be modified via SNMP port (UDP port 161).

Risk evaluated: This port will not be automatically mapped to the Internet. Unless user manually maps this port to the Internet on the Internet router or other networking device, exploiting this vulnerability to attack devices in the local area network (LAN) or private network from the Internet is impossible.

Vulnerability 2: The password retrieval function in some old versions is flawed and can be used by hackers to hijack the affected devices.

Vulnerability evaluated: Direct attack by exploiting the flaw from the Internet is impossible for devices in the local area network (LAN) or private network.

Vulnerability 3: There is a command execution vulnerability in the NAS test function after user logs in to device’s web interface.

Vulnerability evaluated: The vulnerability can be exploited only after the attacker passes user authentication. It cannot be directly used to attack devices on the Internet, local area network (LAN) and private network.

Vulnerability score:

CVSS v3 is adopted in this vulnerability scoring (http://www.first.org/cvss/specification-document)

Vulnerability 1:

Base score: 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)

Temporal score: 7.7 (E:P/RL:O/RC:R)

Vulnerability 2:

Base score: 8.1 (AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)

Temporal score: 7.3 (E:P/RL:O/RC:R)

Vulnerability 3:

Base score: 8.0 (AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)

Temporal score: 7.2 (E:P/RL:O/RC:R)

Affected Versions and Fixed Versions

Vulnerability 1:

Affected Version	Fixed Version
QIPC-B9101.7.8.211207 and earlier	QIPC-B9101.8.3.220209 and later
QIPC-B8701.10.7.211105 and earlier	QIPC-B8701.11.3.220209 and later
QIPC-B6302.2.10.211105 and earlier	QIPC-B6302.5.6.220304 and later
QIPC-B6301.9.11.211105 and earlier	QIPC-B6301.11.3.220209 and later
QIPC-B2202.3.75.211207 and earlier	QIPC-B2202.5.8.220304 and later
QIPC-B2201.10.7.211105 and earlier	QIPC-B2201.11.6.220304 and later
QIPC-B1208.7.7.210705 and earlier	QIPC-B1208.7.9.220415 and later
QIPC-R1207.8.37.211122 and earlier	QIPC-R1207.8.39.220415 and later
QIPC-R1206.9.36.211122 and earlier	QIPC-R1206.9.38.220415 and later
QIPC-B1203.16.8.211105 and earlier	QIPC-B1203.16.10.220415 and later
QIPC-R1201.30.38.211122 and earlier	QIPC-R1201.30.41.220415 and later
HCMN-B2201.6.7.210705 and earlier	HCMN-B2201.6.9.220415 and later
HCMN-R2108.13.37.211122 and earlier	HCMN-R2108.13.39.220415 and later
HCMN-R2103.28.38.211122 and earlier	HCMN-R2103.28.41.220415 and later
GIPC-B6106.8.42.211122 and earlier	GIPC-B6106.8.47.220427 and later
GIPC-B6103.16.37.211122 and earlier	GIPC-B6103.16.39.220416 and later
GIPC-B6102.26.41.211122 and earlier	GIPC-B6102.26.43.220415 and later
CIPC-B2302.3.65.211102 and earlier	CIPC-B2302.5.8.220304 and later
CIPC-B2301.5.37.211122 and earlier	CIPC-B2301.5.39.220415 and later
GIPC-B6206.1.69.211220 and earlier	GIPC-B6206.1.70.220309 and later
IPC_G6107-B0001P99D1806 and earlier	IPC_G6107-B0002P61D1806 and later
GIPC-B6202.5.79.211217 and earlier	GIPC-B6202.5.82.220121 and later
GIPC-B6203.3.79.211217 and earlier	GIPC-B6203.3.82.220121 and later
DIPC-B1213.2.67.211221 and earlier	DIPC-B1213.2.70.220329 and later
DIPC-B1216.2.65.211220 and earlier	DIPC-B1216.2.71.220324 and later
DIPC-B1221.1.77.220218 and earlier	DIPC-B1221.1.80.220329 and later
DIPC-B1222.1.67.211222 and earlier	DIPC-B1222.1.70.220317 and later
DIPC-B1223.1.78.211209 and earlier	DIPC-B1223.1.81.220402 and later
DIPC-B1225.1.67.211210 and earlier	DIPC-B1225.1.69.220329 and later
DIPC-B1226.1.61.220121 and earlier	DIPC-B1226.1.66.220317 and later
DIPC-B1219.1.87.211213 and earlier	DIPC-B1219.1.92.220228 and later

Vulnerability 2:

Affected Version	Fixed Version
QIPC-R1207.8.37.211122 and earlier	QIPC-R1207.8.39.220415 and later
QIPC-R1206.9.36.211122 and earlier	QIPC-R1206.9.38.220415 and later
QIPC-R1201.30.38.211122 and earlier	QIPC-R1201.30.41.220415 and later
HCMN-R2108.13.37.211122 and earlier	HCMN-R2108.13.39.220415 and later
HCMN-R2103.28.38.211122 and earlier	HCMN-R2103.28.41.220415 and later
GIPC-B6106.8.42.211122 and earlier	GIPC-B6106.8.47.220427 and later
GIPC-B6103.16.37.211122 and earlier	GIPC-B6103.16.39.220416 and later
GIPC-B6102.26.41.211122 and earlier	GIPC-B6102.26.43.220415 and later
CIPC-B2301.5.37.211122 and earlier	CIPC-B2301.5.39.220415 and later
DIPC-B1213.2.67.211221 and earlier	DIPC-B1213.2.70.220329 and later
DIPC-B1216.2.65.211220 and earlier	DIPC-B1216.2.71.220324 and later
DIPC-B1221.1.77.220218 and earlier	DIPC-B1221.1.80.220329 and later
DIPC-B1222.1.67.211222 and earlier	DIPC-B1222.1.70.220317 and later
DIPC-B1223.1.78.211209 and earlier	DIPC-B1223.1.81.220402 and later
DIPC-B1225.1.67.211210 and earlier	DIPC-B1225.1.69.220329 and later
DIPC-B1226.1.61.220121 and earlier	DIPC-B1226.1.66.220317 and later
IPC_D1202-B0007P77D1904 and earlier	IPC_D1202-B0007P79D1904 and later
IPC_G6107-B0001P99D1806 and earlier	IPC_G6107-B0002P61D1806 and later

Vulnerability 3:

Affected Version	Fixed Version
QIPC-B9101.7.8.211207 and earlier	QIPC-B9101.8.3.220209 and later
QIPC-B8701.10.7.211105 and earlier	QIPC-B8701.11.3.220209 and later
QIPC-B6302.2.10.211105 and earlier	QIPC-B6302.5.6.220304 and later
QIPC-B6301.9.11.211105 and earlier	QIPC-B6301.11.3.220209 and later
QIPC-B2202.3.75.211207 and earlier	QIPC-B2202.5.8.220304 and later
QIPC-B2201.10.7.211105 and earlier	QIPC-B2201.11.6.220304 and later
QIPC-B1208.7.7.210705 and earlier	QIPC-B1208.7.9.220415 and later
QIPC-R1207.8.37.211122 and earlier	QIPC-R1207.8.39.220415 and later
QIPC-R1206.9.36.211122 and earlier	QIPC-R1206.9.38.220415 and later
QIPC-B1203.16.8.211105 and earlier	QIPC-B1203.16.10.220415 and later
QIPC-R1201.30.38.211122 and earlier	QIPC-R1201.30.41.220415 and later
HCMN-B2201.6.7.210705 and earlier	HCMN-B2201.6.9.220415 and later
HCMN-R2108.13.37.211122 and earlier	HCMN-R2108.13.39.220415 and later
HCMN-R2103.28.38.211122 and earlier	HCMN-R2103.28.41.220415 and later
GIPC-B6106.8.42.211122 and earlier	GIPC-B6106.8.47.220427 and later
GIPC-B6103.16.37.211122 and earlier	GIPC-B6103.16.39.220416 and later
GIPC-B6102.26.41.211122 and earlier	GIPC-B6102.26.43.220415 and later
CIPC-B2302.3.65.211102 and earlier	CIPC-B2302.5.8.220304 and later
CIPC-B2301.5.37.211122 and earlier	CIPC-B2301.5.39.220415 and later
GIPC-B6202.5.82.220121 and earlier	GIPC-B6202.5.88.220329 and later
GIPC-B6203.3.82.220121 and earlier	GIPC-B6203.3.88.220329 and later
DIPC-B1213.2.67.211221 and earlier	DIPC-B1213.2.70.220329 and later
DIPC-B1216.2.65.211220 and earlier	DIPC-B1216.2.71.220324 and later
DIPC-B1221.1.77.220218 and earlier	DIPC-B1221.1.80.220329 and later
DIPC-B1222.1.67.211222 and earlier	DIPC-B1222.1.70.220317 and later
DIPC-B1223.1.78.211209 and earlier	DIPC-B1223.1.81.220402 and later
DIPC-B1225.1.67.211210 and earlier	DIPC-B1225.1.69.220329 and later
DIPC-B1226.1.61.220121 and earlier	DIPC-B1226.1.66.220317 and later
GIPC-B6206.1.69.211220 and earlier	GIPC-B6206.1.70.220309 and later
IPC_D1202-B0007P77D1904 and earlier	IPC_D1202-B0007P79D1904 and later
IPC_D1203-B0003P73D1812 and earlier	IPC_D1203-B0003P75D1812 and later
IPC_G6107-B0001P99D1806 and earlier	IPC_G6107-B0002P61D1806 and later
IPC_G6108-B0001P83D1809 and earlier	IPC_G6108-B0001P86D1809 and later

Obtaining fixed version:

Please obtain the fixed version and upgrade, please contact the distribution channel, Service Hotline or regional technical support for help.

- Service Hotline/ regional technical support: https://global.uniview.com/About_Us/Contact_Us/

- If the device supports cloud upgrade, you may also upgrade the version by cloud.

Acknowledgment

We thank the support of individual security researcher Knud Højgaard who discovered these vulnerabilities and reported to Uniview.

Contact us:

Should you have any security issues or concerns with our products, please contact us at security@uniview.com

Back