Critical Security Vulnerabilities in Dahua Cameras Allow Potential Remote Takeover
In a recent disclosure, cybersecurity experts have revealed serious security vulnerabilities within the firmware of Dahua smart cameras, now patched but capable of enabling remote control hijacking of affected devices if not mitigated. These flaws, specifically tied to the ONVIF protocol and file upload handlers, leave the devices exposed to unauthenticated attackers who could issue arbitrary remote commands, effectively seizing control of the camera systems, according to a report by Bitdefender shared with The Hacker News.
The vulnerabilities, designated as CVE-2025-31700 and CVE-2025-31701 and both registering a CVSS score of 8.1, impact a range of Dahua camera models, including the IPC-1XXX, IPC-2XXX, IPC-WX, IPC-ECXX, SD3A, SD2A, SD3D, SDT2A, and SD2C series. Businesses utilizing these cameras should be particularly vigilant, as the affected firmware versions have build timestamps prior to April 16, 2025. Users can easily verify their devices’ build times by accessing the web interface and navigating to the System Information section under Settings.
The vulnerabilities allow unauthorized attackers to exploit backend systems associated with these cameras, posing a significant risk to organizations relying on surveillance for security. When control is compromised, attackers gain the ability to manipulate the devices according to their malicious intents, potentially leading to unauthorized surveillance, data breaches, or even worse security incidents.
While these vulnerabilities have been patched, the incident raises critical concerns regarding the overall security practices of organizations relying on Internet of Things (IoT) devices. As the landscape of cyber threats continues to evolve, businesses need to remain vigilant against emerging risks. An analysis of potential adversary tactics indicates that initial access and privilege escalation may have been tactics used to exploit these vulnerabilities, highlighting how an effective defense requires continuous monitoring and timely firmware updates.
Organizations across various sectors should prioritize a comprehensive cybersecurity strategy, incorporating timely updates and rigorous security protocols to mitigate risks from potential vulnerabilities like those found in Dahua cameras. Adequate knowledge of the MITRE ATT&CK framework can enhance the understanding of these tactics, aiding in strengthening defenses against similar threats in the future.
In conclusion, while these specific vulnerabilities in Dahua cameras have been addressed, the broader implications for cybersecurity practices cannot be overlooked. Companies must actively engage in cybersecurity awareness and implement robust measures to protect against evolving threats in an increasingly connected world.