CVE-2017-14953

Name of the Vulnerable Software and Affected Versions: Hikvision DS-2CD2432F-IW (affected versions not specified)

Description: The issue is related to the use of a default SSID without WiFi encryption or authentication in Hikvision IP cameras. This can allow a remote attacker to gain elevated privileges. In a wired configuration, physically proximate attackers can trigger association with an arbitrary access point by leveraging the default SSID. The vendor considers this an increase to the attack surface rather than a vulnerability.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.