Vulnerability in Some Dahua Ip Camera, Video Intercom, Ptz Dome Thermal Camera Devices
CVE-2021-33044
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
EPSS: 0.943 (99.9th percentile) — read the EPSS interpretation.
Affected products
- N/a Some Dahua Ip Camera, Video Intercom, Ptz Dome Thermal Camera Devices — versions Dahua IP Camera devices IPC-HX3XXX, IPC-HX5XXX, and IPC-HUM7XXX, Video Intercom devices VTO75X95X, VTO65XXX, and VTH542XH, PTZ Dome Camera SD1A1, SD22, SD49, SD50, SD52C, and SD6AL, Thermal TPC-BF1241, TPC-BF2221, TPC-SD2221, TPC-BF5XXX, TPC-SD8X21, and TPC-PT8X21B devices Buildtime before June, 2021.
CISA KEV (Known Exploited Vulnerabilities)
This CVE is on the CISA KEV catalog, added on . CISA KEV inclusion means CISA has confirmed in-the-wild exploitation; US federal agencies are required to remediate within a published due date.
BOD 22-01 due date: .
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Public proof-of-concept exploits
References
- www.dahuasecurity.com/support/cybersecurity/details/957 (x_refsource_MISC)
- 20211005 [Update]: Dahua Authentication bypass (CVE-2021-33044, CVE-2021-33045) (mailing-list, x_refsource_FULLDISC)
- packetstormsecurity.com/files/164423/Dahua-Authentication-Bypass.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2021-33044?
- CVE-2021-33044 is a vulnerability in Some Dahua Ip Camera, Video Intercom, Ptz Dome Thermal Camera Devices. Published 2021-09-15.
- Is CVE-2021-33044 known to be exploited?
- Yes. CVE-2021-33044 is listed in the CISA Known Exploited Vulnerabilities catalog (added 2024-08-21), indicating it is being actively exploited. 54 public proof-of-concept repositories are indexed.