CVE 8.8 HIGH

CVE-2025-66176_CVE-2025-66176

January 12, 2026 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

AI Analysis

Stack overflow vulnerability in Hikvision Access Control Products, allowing an attacker to cause device malfunction by sending specially crafted packets.

Basic Information

ID CVE-2025-66176

Source hikvision

Published Jan 13, 2026 at 01:47

Affected Product

Vendor Hikvision

Product DS-K1T331, DS-K1T341A, DS-K1T341B, DS-K1T341C, DS-K1T342, DS-K1T343, DS-K1T344, DS-K1T670, DS-K1T671, DS-K1T672, DS-K1T673, DS-K1T680, DS-K1T8003, DS-K1T8004, DS-K1T8005, DS-K1T801, DS-K1T804A, DS-K1T804B, DS-K1T805, DS-K1T808, DS-K1T320, DS-K1T321, DS-K1T323, DS-K1T510, DS-K1T981, DS-K5033

Version V1.3.65, V1.4.21, V1.4.22, V1.4.23, V3.3.180, V3.7.80, V3.9.40, V3.25.40, V4.23.41, V4.37.40, V4.48.0

Affected Versions Hikvision DS-K1T331 Versions below V3.7.80
Hikvision DS-K1T341A/K1T341B Versions below V3.7.80
Hikvision DS-K1T671/K5671 Versions below V3.7.80
Hikvision DS-K1T672 Versions below V3.7.80
Hikvision DS-K1T680 Versions below V3.7.80
Hikvision DS-K1T981 Versions below V3.7.80
Hikvision DS-K1T341C Versions below V3.3.180
Hikvision DS-K1T670/K1T673 Versions below V4.48.0
Hikvision DS-K1T8003 Versions below V1.4.21
Hikvision DS-K1T804A Versions below V1.4.22
Hikvision DS-K1T8003/8004 Versions below V1.4.21
Hikvision DS-K1T804A Versions below V1.4.22
Hikvision DS-K1T804B Versions below V1.4.23
Hikvision DS-K1T201A/K1T105A Versions below V1.3.65
Hikvision DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43 Versions below V4.48.0
Hikvision DS-K1T8005/DS-K1T808 Versions below V3.25.40
Hikvision DS-K1T320/DS-K1T321 Versions below V3.9.40
Hikvision DS-K1T323/DS-K1T510 Versions below V4.23.41
Hikvision DS-K5033 Versions below V4.37.40

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Hikvision

Product Hikvision Access Control Products

Version V1.3.65, V1.4.21, V1.4.22, V1.4.23, V3.3.180, V3.7.80, V3.9.40, V3.25.40, V4.23.41, V4.37.40, V4.48.0

References

www.hikvision.com /en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/

{
    "lastseen": "",
    "description": "There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.",
    "published": "2026-01-13T01:47:27.191Z",
    "modified": "2026-01-13T01:47:27.191Z",
    "type": "cve",
    "title": "CVE-2025-66176",
    "source": "hikvision",
    "references": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/",
    "id": "CVE-2025-66176",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Hikvision DS-K1T331 Versions below V3.7.80\nHikvision DS-K1T341A/K1T341B Versions below V3.7.80\nHikvision DS-K1T671/K5671 Versions below V3.7.80\nHikvision DS-K1T672 Versions below V3.7.80\nHikvision DS-K1T680 Versions below V3.7.80\nHikvision DS-K1T981 Versions below V3.7.80\nHikvision DS-K1T341C Versions below V3.3.180\nHikvision DS-K1T670/K1T673 Versions below V4.48.0\nHikvision DS-K1T8003 Versions below V1.4.21\nHikvision DS-K1T804A Versions below V1.4.22\nHikvision DS-K1T8003/8004 Versions below V1.4.21\nHikvision DS-K1T804A Versions below V1.4.22\nHikvision DS-K1T804B Versions below V1.4.23\nHikvision DS-K1T201A/K1T105A Versions below V1.3.65\nHikvision DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43 Versions below V4.48.0\nHikvision DS-K1T8005/DS-K1T808 Versions below V3.25.40\nHikvision DS-K1T320/DS-K1T321 Versions below V3.9.40\nHikvision DS-K1T323/DS-K1T510 Versions below V4.23.41\nHikvision DS-K5033 Versions below V4.37.40",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DS-K1T331, DS-K1T341A, DS-K1T341B, DS-K1T341C, DS-K1T342, DS-K1T343, DS-K1T344, DS-K1T670, DS-K1T671, DS-K1T672, DS-K1T673, DS-K1T680, DS-K1T8003, DS-K1T8004, DS-K1T8005, DS-K1T801, DS-K1T804A, DS-K1T804B, DS-K1T805, DS-K1T808, DS-K1T320, DS-K1T321, DS-K1T323, DS-K1T510, DS-K1T981, DS-K5033",
    "version": "V1.3.65, V1.4.21, V1.4.22, V1.4.23, V3.3.180, V3.7.80, V3.9.40, V3.25.40, V4.23.41, V4.37.40, V4.48.0",
    "vendor": "Hikvision",
    "ai_description": "Stack overflow vulnerability in Hikvision Access Control Products, allowing an attacker to cause device malfunction by sending specially crafted packets.",
    "ai_severity": "High",
    "ai_vendor": "Hikvision",
    "ai_product": "Hikvision Access Control Products",
    "ai_version": "V1.3.65, V1.4.21, V1.4.22, V1.4.23, V3.3.180, V3.7.80, V3.9.40, V3.25.40, V4.23.41, V4.37.40, V4.48.0",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply