CVE-2017-7921
Hikvision Multiple Products Improper Authentication Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Mar 5, 2026
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Hikvision / Multiple Products
Vulnerability
Hikvision Multiple Products Improper Authentication Vulnerability
Added to KEV
Mar 5, 2026
Remediate by
Mar 26, 2026
Known ransomware use
No
Summary description
Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Notes
https://www.hikvision.com/us-en/support/document-center/special-notices/privilege-escalating-vulnerability-in-certain-hikvision-ip-cameras/ ; https://nvd.nist.gov/vuln/detail/CVE-2017-7921
No related CVEs by CWE or product.