Description
A vulnerability found in Dahua NVR/XVR device. A third-party malicious attacker with physical access to the device may gain access to a restricted shell via the serial port, and bypasses the shell's authentication mechanism to escalate privileges.
Published: 2026-03-18
Score: 2.4 Low
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Assess Impact
AI Analysis

Impact

A misuse of a restricted shell accessed through a serial port allows a third‑party malicious attacker who has physical access to a Dahua NVR or XVR device to bypass authentication and gain elevated privileges. This improper restriction is classified as CWE‑305 and can lead to unauthorized control or modification of the device’s configuration and operation.

Affected Systems

The vulnerability affects Dahua NVR2‑4KS3, Dahua XVR1B16H‑I/T, and Dahua XVR4232AN‑I/T models. No specific firmware or hardware version ranges are provided in the CNA data.

Risk and Exploitability

The CVSS score of 2.4 indicates a low severity, and the EPSS score is not available, with no listing in CISA’s KEV catalog. The requirement of physical access to the serial port makes exploitation less likely in general environments, but once an attacker is in proximity, the lack of authentication enables immediate privilege escalation. The combination of low CVSS and physical access requirement results in a moderate overall risk that warrants inventorying exposed serial ports and applying vendor patches when available.

Generated by OpenCVE AI on March 18, 2026 at 08:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check Dahua’s product security advisory page for a firmware update that addresses the serial‑port restricted shell vulnerability.
  • If an update is available, download and apply it to the affected NVR and XVR models as soon as possible.
  • If no patch is available, limit physical access to the device’s serial port by covering the port, disabling it in the firmware settings, or positioning the unit in a secure environment.
  • Monitor system logs for unexpected shell login activity and review access controls regularly.

Generated by OpenCVE AI on March 18, 2026 at 08:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 13:30:00 +0000

Type Values Removed Values Added
Title Privilege Escalation via Serial Port Restricted Shell in Dahua NVR/XVR Devices

Wed, 18 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 18 Mar 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Dahua
Dahua nvr2-4ks3
Dahua xvr1b16h-i/t
Dahua xvr4232an-i/t
Vendors & Products Dahua
Dahua nvr2-4ks3
Dahua xvr1b16h-i/t
Dahua xvr4232an-i/t

Wed, 18 Mar 2026 07:45:00 +0000

Type Values Removed Values Added
Description A vulnerability found in Dahua NVR/XVR device. A third-party malicious attacker with physical access to the device may gain access to a restricted shell via the serial port, and bypasses the shell's authentication mechanism to escalate privileges.
Weaknesses CWE-305
References
Metrics cvssV4_0

{'score': 2.4, 'vector': 'CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N'}

Subscriptions

Dahua Nvr2-4ks3 Xvr1b16h-i/t Xvr4232an-i/t
cve-icon MITRE

Status: PUBLISHED

Assigner: dahua

Published:

Updated: 2026-03-18T14:09:28.123Z

Reserved: 2025-04-01T05:57:11.783Z

Link: CVE-2025-31703

cve-icon Vulnrichment

Updated: 2026-03-18T14:09:24.012Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-18T08:16:26.810

Modified: 2026-03-18T14:52:44.227

Link: CVE-2025-31703

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-24T10:59:13Z

Weaknesses