Joerngermany

**Name of the Vulnerable Software and Affected Versions** Ezviz CS-C6N-xxx versions prior to v5.3.x build 20230401 Ezviz CS-CV310-xxx versions prior to v5.3.x build 20230401 Ezviz CS-C6CN-xxx versions prior to v5.3.x build 20230401 Ezviz CS-C3N-xxx versions prior to v5.3.x build 20230401 Hikvision products (affected versions not specified) **Description** An authentication bypass vulnerability in the Direct Connection Module or Hik-Connect Module allows remote attackers to obtain sensitive information or consume services by sending crafted messages to the affected devices. **Recommendations** For Ezviz CS-C6N-xxx versions prior to v5.3.x build 20230401, update to v5.3.x build 20230401 or later. For Ezviz CS-CV310-xxx versions prior to v5.3.x build 20230401, update to v5.3.x build 20230401 or later. For Ezviz CS-C6CN-xxx versions prior to v5.3.x build 20230401, update to v5.3.x build 20230401 or later. For Ezviz CS-C3N-xxx versions prior to v5.3.x build 20230401, update to v5.3.x build 20230401 or later. For Hikvision products, at the moment, there is no information about a newer version that contains a fix for this vulnerability.