{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-66176","assignerOrgId":"da451dce-859b-4e51-8b87-9c8b60d19b32","state":"PUBLISHED","assignerShortName":"hikvision","dateReserved":"2025-11-24T08:59:35.903Z","datePublished":"2026-01-13T01:47:27.191Z","dateUpdated":"2026-03-18T15:28:09.433Z"},"containers":{"cna":{"descriptions":[{"lang":"en","value":"There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."}],"affected":[{"vendor":"Hikvision","product":"DS-K1T331","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T341A/K1T341B","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T671/K5671","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T672","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T680","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T981","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T341C","versions":[{"version":"Versions below V3.3.180","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T670/K1T673","versions":[{"version":"Versions below V4.48.0","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T8003","versions":[{"version":"Versions below V1.4.21","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T804A","versions":[{"version":"Versions below V1.4.22","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T8003/8004","versions":[{"version":"Versions below V1.4.21","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T804A","versions":[{"version":"Versions below V1.4.22","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T804B","versions":[{"version":"Versions below V1.4.23","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T201A/K1T105A","versions":[{"version":"Versions below V1.3.65","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43","versions":[{"version":"Versions below V4.48.0","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T8005/DS-K1T808","versions":[{"version":"Versions below V3.25.40","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T320/DS-K1T321","versions":[{"version":"Versions below V3.9.40","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T323/DS-K1T510","versions":[{"version":"Versions below V4.23.41","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K5033","versions":[{"version":"Versions below V4.37.40","status":"affected"}]}],"references":[{"url":"https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/"}],"credits":[{"lang":"en","value":"Matt Wiseman of Cisco Talos","type":"finder"}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}],"x_generator":{"engine":"cveClient/1.0.15"},"providerMetadata":{"orgId":"da451dce-859b-4e51-8b87-9c8b60d19b32","shortName":"hikvision","dateUpdated":"2026-01-15T01:56:32.572Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-121","lang":"en","description":"CWE-121 Stack-based Buffer Overflow"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-01-13T14:32:35.447766Z","id":"CVE-2025-66176","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-01-13T17:28:04.643Z"}},{"title":"CVE Program Container","references":[{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2281"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2026-03-18T15:28:09.433Z"}}]}}