๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2017-7921: Hikvision Multiple Products Improper Authentication Vulnerability
Summary
Multiple Hikvision products have an improper authentication vulnerability (a weakness in how the system verifies user identity) that allows attackers to escalate privileges (gain higher-level access than they should have) and access sensitive information. This vulnerability is actively being exploited by attackers in the wild.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Vulnerability Details
EPSS: 94.3%
๐ฅ Actively Exploited
Classification
Affected Vendors
Original source: https://nvd.nist.gov/vuln/detail/CVE-2017-7921
First tracked: March 5, 2026 at 03:00 PM
Classified by LLM (prompt v3) ยท confidence: 95%