Uniview insists on the principle of vulnerability disclosure. After the necessary certification process, Uniview discloses vulnerability information to stakeholders such as our customers, OEM partners, CERT coordination organizations, ect. to build a secure cyberspace together. Uniview will notify customers who are affected by the vulnerability through direct communication or external announcements.
With the popularity of network video surveillance, more and more networking products are used in public networks, such as Network Video Recorders, Network Cameras. But the public network environment is more vulnerable than internal network. Your devices might be attacked by various viruses. Please take all necessary measures to enhance network security for your device.
The following are necessary measures for the network security of your device:
• Change default password and set strong password: You are strongly recommended to change the default password after your first login and set a strong password of at least nine characters including all three elements: digits, letters and special characters.
• Keep firmware up to date: It is recommended that your device is always upgraded to the latest version for the latest functions and better security. Visit Uniview's official website or contact your local dealer for the latest firmware.
The following are recommendations for enhancing network security of your device:
• Change password regularly: Change your device password on a regular basis and keep the password safe. Make sure only the authorized user can log in to the device.
• Enable HTTPS/SSL: Use SSL certificate to encrypt HTTP communications and ensure data security.
• Enable IP address filtering: Allow access only from the specified IP addresses.
• Minimum port mapping: Configure your router or firewall to open a minimum set of ports to the WAN and keep only the necessary port mappings. Never set the device as the DMZ host or configure a full cone NAT.
• Disable the automatic login and save password features: If multiple users have access to your computer, it is recommended that you disable these features to prevent unauthorized access.
• Choose username and password discretely: Avoid using the username and password of your social media, bank, email account, etc., as the username and password of your device, in case your social media, bank and email account information is leaked.
• Restrict user permissions: If more than one user needs access to your system, make sure each user is granted only the necessary permissions.
• Disable UPnP: When UPnP is enabled, the router will automatically map internal ports, and the system will automatically forward port data, which results in the risks of data leakage. Therefore, it is recommended to disable UPnP if HTTP and TCP port mapping have been enabled manually on your router.
• SNMP: Disable SNMP if you do not use it. If you do use it, then SNMPv3 is recommended.
• Multicast: Multicast is intended to transmit video to multiple devices. If you do not use this function, it is recommended you disable multicast on your network.
• Check logs: Check your device logs regularly to detect unauthorized access or abnormal operations.
• Physical protection: Keep the device in a locked room or cabinet to prevent unauthorized physical access.
• Isolate video surveillance network: Isolating your video surveillance network with other service networks helps prevent unauthorized access to devices in your security system from other service networks.
You may also obtain security information under Security Response Center at Uniview's official website.