Security error CVE-2021-33044 - CVE-2021-33045 on Dahua Camera

Security Advisory – Identity authentication bypass vulnerability found in some Dahua products

Contents

I. Information

SA ID：DHCC-SA-202106-001
Initial Release：2021-09-01
Content：Identity Bypass Vulnerability found in some Dahua products during login. Attackers can bypass device identity authentication by building malicious packets.
Vulnerability (CVE ID)：CVE-2021- 33044; CVE-2021-33045
Vulnerability Score: Vulnerability classification was performed using the CVSSv3 scoring system: http://www.first.org/cvss/specification-document.

Basic Score：8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Temporary Score：7.3 (E:P/RL:O/RC:C)

II. Affected Products & Firmware update

The following product lines are currently identified as affected:

1. CVE-2021-33044

Num	Product	Firmware error	Firmware fixed
1	IPC-HX3XXX, HX5XXX, HUM7XXX	Versions which Build time before June,2021	DH_IPC-HX3XXX-Leo_MultiLang_PN_Stream3_V2.800.0000000.29.R.210630 DH_IPC-HX3XXX-Leo_MultiLang_NP_Stream3_V2.800.0000000.29.R.210630 DH_IPC-HX3XXX-Dalton_MultiLang_NP_Stream3_V2.820.0000000.18.R.210705 DH_IPC-HX3XXX-Dalton_MultiLang_PN_Stream3_V2.820.0000000.18.R.210705 DH_IPC-HX5XXX-Volt_MultiLang_PN_Stream3_V2.820.0000000.5.R.210705 DH_IPC-HX5XXX-Volt_MultiLang_NP_Stream3_V2.820.0000000.5.R.210705 DH_IPC-HUM7XXX-E2-Volt_MultiLang_NP_V2.820.0000000.5.R.210705 DH_IPC-HUM7XXX-E2-Volt_MultiLang_PN_V2.820.0000000.5.R.210705
2	VTO75X95X, VTO65XXX	Versions which Build time before June,2021	DH_VTO75X95X_Eng_PN_SIP_V4.300.0000003.0.R.210714 DH_VTO65XXX_Eng_PN_V4.300.0000004.0.R.210715
3	VTH542XH	Versions which Build time before June,2021	DH_VTH542XH_MultiLang_SIP_V4.500.0000002.0.R.210715
4	PTZ Dome Camera SD1A1, SD22, SD49, SD50, SD52C, SD6AL	Versions which Build time before June,2021	DH_SD-Eos-Civil_MultiLang_PN_Stream3_V2.812.0000007.0.R.210706 DH_SD-Eos-Civil_MultiLang_NP_Stream3_V2.812.0000007.0.R.210706 DH_SD-Eos_MultiLang_PN_Stream3_V2.812.0000007.0.R.210706 DH_SD-Eos_MultiLang_NP_Stream3_V2.812.0000007.0.R.210706
5	Thermal TPC-BF1241, TPC-BF2221, TPC-SD2221, TPC-BF5XXX, TPC-SD8X21, TPC-PT8X21B	Versions which Build time before June,2021	DH_TPC-BF1241-TB_MultiLang_PN_V2.630.0000000.6.R.210707 DH_TPC-BF1241-TB_MultiLang_NP_V2.630.0000000.6.R.210707 DH_TPC-BF2221-TB_MultiLang_PN_V2.630.0000000.10.R.210707 DH_TPC-BF2221-TB_MultiLang_NP_V2.630.0000000.10.R.210707 DH_TPC-SD2221-TB_MultiLang_PN_V2.630.0000000.7.R.210707 DH_TPC-SD2221-TB_MultiLang_NP_V2.630.0000000.7.R.210707 DH_TPC-BF5X01-TB_MultiLang_PN_V2.630.0000000.12.R.210707 DH_TPC-BF5X01-TB_MultiLang_NP_V2.630.0000000.12.R.210707 DH_TPC-BF5X21-TB_MultiLang_PN_V2.630.0000000.8.R.210630 DH_TPC-BF5X21-TB_MultiLang_NP_V2.630.0000000.8.R.210630 DH_TPC-PT8X21A-TB_MultiLang_PN_V2.630.0000000.14.R.210630 DH_TPC-PT8X21A-TB_MultiLang_NP_V2.630.0000000.14.R.210630 DH_TPC-SD8X21-TB_MultiLang_PN_V2.630.0000000.9.R.210706 DH_TPC-SD8X21-TB_MultiLang_NP_V2.630.0000000.9.R.210706 DH_TPC-PT8X21B-B_MultiLang_PN_V2.630.0000000.10.R.210701 DH_TPC-PT8X21B-B_MultiLang_NP_V2.630.0000000.10.R.210701

2. CVE-2021-33045

Num	Product	Firmware error	Firmware fixed
1	IPC-HX3XXX, HX5XXX, HUM7XXX	Versions which Build time before May,2020	DH_IPC-HX3XXX-Leo_MultiLang_PN_Stream3_V2.800.0000000.29.R.210630 DH_IPC-HX3XXX-Leo_MultiLang_NP_Stream3_V2.800.0000000.29.R.210630 DH_IPC-HX3XXX-Dalton_MultiLang_NP_Stream3_V2.820.0000000.18.R.210705 DH_IPC-HX3XXX-Dalton_MultiLang_PN_Stream3_V2.820.0000000.18.R.210705 DH_IPC-HX5XXX-Volt_MultiLang_PN_Stream3_V2.820.0000000.5.R.210705 DH_IPC-HX5XXX-Volt_MultiLang_NP_Stream3_V2.820.0000000.5.R.210705 DH_IPC-HUM7XXX-E2-Volt_MultiLang_NP_V2.820.0000000.5.R.210705 DH_IPC-HUM7XXX-E2-Volt_MultiLang_PN_V2.820.0000000.5.R.210705
2	VTO75X95X, VTO65XXX	Versions which Build time before December,2019	DH_VTO75X95X_Eng_PN_SIP_V4.300.0000003.0.R.210714 DH_VTO65XXX_Eng_PN_V4.300.0000004.0.R.210715
3	VTH542XH	Versions which Build time before December,2019	DH_VTH542XH_MultiLang_SIP_V4.500.0000002.0.R.210715
4	NVR1XXX, NVR2XXX, NVR4XXX, NVR5XXX, NVR6XX	Versions which Build time before December,2019	DH_NVR4XXX-I_MultiLang_V4.001.0000000.3.R.210710 DH_NVR4x-4KS2L_MultiLang_V4.001.0000001.0.R.210709 DH_NVR4XXX-4KS2_MultiLang_V4.001.0000005.1.R.210713 DH_NVR5XXX-4KS2_MultiLang_V4.001.0000006.1.R.210709 DH_NVR5XXX-I_MultiLang_V4.001.0000000.3.R.210710 DH_NVR5XXX-IL_MultiLang_V4.001.0000000.0.R.210710 DH_NVR1XHC-S3_MultiLang_V4.001.0000000.1.R.210710 DH_NVR2XXX-4KS2_MultiLang_V4.001.0000005.0.R.210709 DH_NVR2XXX-W-4KS2_MultiLang_V4.001.0000003.1.R.210709 DH_NVR2XXX-I2_Mul_V4.002.0000000.0.R.210709 DH_NVR2XXX-I_Mul_V4.001.0000000.1.R.210710 DH_NVR1XXX-S3H_MultiLang_V4.001.0000005.1.R.210709 DH_NVR6XX-4KS2_MultiLang_V4.001.0000001.1.R.210716
5	XVR4xxx, XVR5xxx, XVR7xxx	Versions which Build time before December,2019	DH_XVR5x16-I2_MultiLang_V4.001.0000003.1.R.210710 DH_XVR7x16-I2_MultiLang_V4.001.0000003.1.R.210710 DH_XVR5x08-I2_MultiLang_V4.001.0000003.1.R.210710 DH_XVR5x04-I2_MultiLang_V4.001.0000003.1.R.210710 DH_XVR7x32-I2_MultiLang_V4.001.0000003.1.R.210710 DH_XVR5x08-I3_MultiLang_V4.001.0000000.15.R.210702 DH_XVR5x04-I3_MultiLang_V4.001.0000000.15.R.210702 DH_XVR4x08-I3_MultiLang_V4.001.0000000.15.R.210702 DH_XVR4x04-I_MultiLang_V4.001.0000001.1.R.210709 DH_XVR4x08-I_MultiLang_V4.001.0000001.1.R.210709 DH_XVR5x08-X_MultiLang_V4.001.0000000.9.R.210710 DH_XVR5x16-X_MultiLang_V4.001.0000000.9.R.210710 DH_XVR7x16-X_MultiLang_V4.001.0000000.9.R.210710 DH_XVR5x04-X1(2.0)_MultiLang_V4.001.0000000.14.R.210709 DH_XVR4x04-X1(2.0)_MultiLang_V4.001.0000000.14.R.210709

Note: Please login to your device’s Web interface to see the Firmware version, you can find this on Settings -> System Info -> Version (setting-systeminfo-version) page.

III. Download Firmware to fix errors

Download the corresponding debug software or a later version as listed in the table above from the Dahua website or contact your local Dahua technical support for an upgrade.

● Cloud upgrade: Dahua products are cloud-upgradeable. The relevant corrected versions can be obtained through a cloud upgrade.

● Dahua Official Website: https http://www.dahuasecurity.com/support/downloadCenter

Support Resources ：

For any questions or concerns regarding our products and solutions, please contact Dahua DHCC at cybersecurity@dahuatech.com.

Mobile Application

Windows

MacOS

Domain Name System

Source Code

Hikvision SDK

Dahua SDK

UNView SDK

Solution

Hikvision Solutions

Dahua Solutions

Kbvision Solutions

CCTV APP

Technical guidance

Technical Guidance

Technical Video

Quality Demo Video

Installation Instructions

Reset Password

Download Firmware

Quick Calculator

Disk Calculator

Bandwith Calculator

4G Calculator

Power Consumed

Technical document

Security error CVE-2021-33044 – CVE-2021-33045 on Dahua Camera

I. Information

II. Affected Products & Firmware update

1. CVE-2021-33044

2. CVE-2021-33045

III. Download Firmware to fix errors

CONTACT

404 FOUND CODE