
Critical Flaws in Hikvision and Rockwell Products Exposed!

The Hacker News · 16h ago · 2 min read
Tags: CISA, Hikvision, Rockwell Automation, CVE-2017-7921

Basically, two serious security holes in popular devices are being actively exploited by hackers.

Quick Summary

CISA has flagged critical vulnerabilities in Hikvision and Rockwell Automation products. Users face risks of unauthorized access and potential data breaches. Immediate software updates and security reviews are necessary to protect against these threats.

What Happened

A major cybersecurity alert has been issued as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This action highlights the urgency of addressing these flaws, which have been confirmed to be actively exploited in the wild. Both vulnerabilities have a CVSS score of 9.8, indicating their severity and the potential impact on users.

The vulnerabilities affect products from Hikvision, a well-known manufacturer of video surveillance equipment, and Rockwell Automation, a leader in industrial automation. The specific vulnerabilities include CVE-2017-7921, which involves improper authentication. This means that unauthorized users could gain access to systems that should be secure, putting sensitive information and operations at risk.

Why Should You Care

If you use Hikvision or Rockwell Automation products, this news is particularly concerning. Imagine leaving your front door unlocked; that's what these vulnerabilities do for your security systems. Hackers could exploit these flaws to access your cameras or control your industrial processes, leading to potential data breaches or operational disruptions.

Even if you don't directly use these products, the implications are broad. Many businesses rely on interconnected systems, and a breach in one area can lead to vulnerabilities in others. This situation serves as a reminder to regularly update and patch your systems to protect against such threats. Stay vigilant and proactive!

What's Being Done

CISA is urging all users of affected Hikvision and Rockwell Automation products to take immediate action. Here are some steps you should consider:

  • Update your software to the latest version provided by the manufacturers.
  • Review your security settings to ensure they are configured correctly.
  • Monitor your systems for any unusual activity that may indicate exploitation.

Experts are closely watching for any new attacks exploiting these vulnerabilities, so staying informed is crucial. The cybersecurity landscape is always evolving, and being proactive can safeguard your assets.


🔒 Pro insight: The high CVSS score indicates a significant risk, and organizations must prioritize patching to mitigate potential exploitation.
