
CISA Adds Actively Exploited Digiever NVR Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-52163 to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability affects the Digiever DS-2105 Pro network video recorder (NVR) and carries a CVSS score of 8.8, indicating a high severity level. The vulnerability is characterized as a post-authentication command injection flaw, which can lead to remote code execution on the affected device.
In technical terms, a command injection vulnerability allows attackers to execute arbitrary commands on the operating system of the affected device. The "post-authentication" aspect means that an attacker must first obtain valid credentials or some level of access to the system before exploiting this vulnerability. Once authenticated, the attacker can inject malicious commands that the system will execute, potentially leading to full control over the device.
The implication of remote code execution (RCE) is particularly serious, as it allows attackers to run any code of their choosing on the compromised system. This can lead to a variety of malicious activities, such as stealing data, installing malware, or using the device as a launchpad for further attacks within the network.
The fact that CISA has added this vulnerability to its KEV catalog indicates that there is evidence of active exploitation in the wild. However, the source does not provide specific details about the nature of these attacks or the threat actors involved. It is also noted that this vulnerability is specific to the Digiever DS-2105 Pro model, and not necessarily to other models or products from the same manufacturer.
For cybersecurity professionals, the inclusion of this vulnerability in the KEV catalog underscores the importance of promptly applying security updates and patches to affected systems. It also highlights the need for robust access controls and monitoring to detect and prevent unauthorized access to network devices.
Given the critical role that network video recorders play in physical security and surveillance systems, the exploitation of this vulnerability could have significant implications for the confidentiality, integrity, and availability of video data. Organizations using the affected model should prioritize remediation efforts to mitigate the risk of compromise.