CISA Adds Actively Exploited Digiever DS-2105 Pro Vulnerability (CVE-2023-52163) to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-52163, a vulnerability affecting the Digiever DS-2105 Pro network video recorder (NVR), to its Known Exploited Vulnerabilities (KEV) catalog. This inclusion signifies that the vulnerability is either being actively exploited in the wild or poses a significant risk to critical infrastructure. The vulnerability has been assigned a CVSS score of 8.8, indicating a high severity level. Network video recorders like the Digiever DS-2105 Pro are critical components in surveillance systems, often deployed in sensitive environments such as critical infrastructure, government facilities, and commercial establishments. The high CVSS score suggests that successful exploitation could lead to severe consequences, such as unauthorized access to video feeds, disruption of surveillance operations, or potential lateral movement within the network. The inclusion of CVE-2023-52163 in CISA's KEV catalog underscores the urgency for organizations to prioritize patching or implementing mitigations for this vulnerability. Given the lack of detailed technical information in the announcement, it is crucial for security teams to monitor updates from Digiever and CISA for further guidance on remediation steps. From a cybersecurity perspective, this development highlights the ongoing risk posed by vulnerabilities in IoT and networked devices. These devices often lack robust security features and can serve as entry points for attackers to gain access to broader network infrastructure. The active exploitation of such vulnerabilities emphasizes the importance of maintaining a comprehensive asset inventory, regularly updating firmware, and implementing network segmentation to limit the potential impact of compromises. In conclusion, the addition of CVE-2023-52163 to CISA's KEV catalog serves as a reminder of the critical need for vigilance and proactive security measures in managing networked devices. Organizations utilizing the Digiever DS-2105 Pro should immediately assess their exposure and take appropriate actions to mitigate the risk associated with this vulnerability.