Hikvision Wireless Access Point Flaws Enable Remote Command Execution Attacks
By AnuPriya
February 3, 2026
Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute arbitrary commands on affected devices.
The company released an advisory on January 30, 2026, detailing the security flaw and urging customers to apply patches immediately.
Vulnerability Details
The vulnerability, tracked as CVE-2026-0709, stems from insufficient input validation in Hikvision’s wireless access point firmware.
Attackers with valid credentials can exploit this flaw by sending specially crafted packets containing malicious commands to affected devices, thereby bypassing security controls and executing commands with elevated privileges.
The attack requires network access and valid authentication credentials but does not require user interaction.
Hikvision assigned the vulnerability a CVSS v3.1 base score of 7.2, which is classified as high severity.
The CVSS vector (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) indicates the flaw is remotely exploitable, has low attack complexity, and requires high-level privileges.
Affected Devices and Versions
This vulnerability impacts six wireless access point models from Hikvision’s DS-3WAP series. All devices running firmware version V1.1.6303 build 250812 or earlier are vulnerable to exploitation.
Model | Vulnerable Version | Patched Version | CVE ID
DS-3WAP521-SI | V1.1.6303 build 250812 and earlier | V1.1.6601 build 251223 | CVE-2026-0709
DS-3WAP522-SI | V1.1.6303 build 250812 and earlier | V1.1.6601 build 251223 | CVE-2026-0709
DS-3WAP621E-SI | V1.1.6303 build 250812 and earlier | V1.1.6601 build 251223 | CVE-2026-0709
DS-3WAP622E-SI | V1.1.6303 build 250812 and earlier | V1.1.6601 build 251223 | CVE-2026-0709
DS-3WAP623E-SI | V1.1.6303 build 250812 and earlier | V1.1.6601 build 251223 | CVE-2026-0709
DS-3WAP622G-SI | V1.1.6303 build 250812 and earlier | V1.1.6601 build 251223 | CVE-2026-0709
The vulnerability impacts the confidentiality, integrity, and availability of affected systems. Successful exploitation could allow an authenticated attacker to gain complete control of the wireless access point, potentially compromising the entire network infrastructure that relies on the device.
This poses a significant risk to organizations deploying these devices in critical network segments.
Hikvision released a patched firmware version, V1.1.6601 build 251223, addressing the vulnerability. Organizations operating affected access points should prioritize updating to this version as soon as possible.
Patches are available for download and deployment through Hikvision’s official support portal.
System administrators should verify the firmware version running on their deployed devices and schedule update deployments as soon as possible.
Additionally, implementing network segmentation and access controls on management interfaces can help reduce the risk of unauthorized access to wireless access points.
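The firmware check recommended above can be run over an asset inventory. The following is an added example, not Hikvision tooling: it classifies each access point against the model list and the two versions named in the advisory. The CSV column names, host names and sample rows are constructed, and it assumes firmware strings order by version number and then build date.

```python
import csv
import io
import re

# Models and versions taken from the advisory table above.
AFFECTED_MODELS = {f"DS-3WAP{m}-SI" for m in ("521", "522", "621E", "622E", "623E", "622G")}
LAST_VULNERABLE = "V1.1.6303 build 250812"
PATCHED = "V1.1.6601 build 251223"
VERSION_RE = re.compile(r"V(\d+)\.(\d+)\.(\d+)\s+build\s+(\d{6})", re.IGNORECASE)

def parse_version(text):
    """'V1.1.6303 build 250812' -> (1, 1, 6303, 250812); ValueError if malformed."""
    match = VERSION_RE.fullmatch(text.strip())
    if not match:
        raise ValueError(f"unrecognised firmware string: {text!r}")
    # Assumption: versions compare field by field, build date (YYMMDD) last.
    return tuple(int(group) for group in match.groups())

def classify(model, firmware):
    """Return a triage status for one access point."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return "not-listed"
    try:
        version = parse_version(firmware)
    except ValueError:
        return "unparsed"          # check by hand; do not assume it is safe
    if version >= parse_version(PATCHED):
        return "patched"
    if version <= parse_version(LAST_VULNERABLE):
        return "vulnerable"
    return "verify"                # between the two versions the advisory names

def triage(inventory_csv):
    """Map host -> status for a CSV with host, model and firmware columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {row["host"]: classify(row["model"], row["firmware"]) for row in rows}

# Constructed sample inventory (hosts and the non-advisory versions are made up).
SAMPLE_INVENTORY = """host,model,firmware
ap-lobby,DS-3WAP521-SI,V1.1.6303 build 250812
ap-floor2,DS-3WAP622E-SI,V1.1.6601 build 251223
ap-warehouse,DS-3WAP623E-SI,V1.1.6100 build 241105
ap-lab,DS-3WAP622G-SI,V1.1.6450 build 251001
ap-dock,DS-3WAP621E-SI,unknown
ap-guest,EXAMPLE-OTHER-AP,V1.0.0 build 200101
"""

if __name__ == "__main__":
    print(triage(SAMPLE_INVENTORY))
```

Devices reported as "verify" or "unparsed" fall outside what the advisory states and need a manual check rather than being treated as safe.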
The vulnerability was discovered and reported by independent security researcher exzettabyte to Hikvision’s Security Response Center (HSRC).
The responsible disclosure process ensured affected customers received advance notice before public disclosure, allowing organizations time to deploy patches before potential exploitation attempts.