Description
Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.
Published: 2026-05-09
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in certain Hikvision switch devices permits authenticated users to execute arbitrary system commands. The vulnerability stems from inadequate validation of command payloads that are accepted over the network. If an attacker can supply crafted packets, they can run any code with the privileges of the system account used for authentication, leading to full compromise of the device.

Affected Systems

The affected products are Hikvision DS‑3E1310P‑SI, DS‑3E1318P‑SI and DS‑3E1326P‑SI switches. The advisory notes that these models were discontinued in December 2023 and no specific firmware or software version ranges are provided.

Risk and Exploitability

The CVSS score of 7.2 indicates a medium‑to‑high severity. Exploitation requires valid credentials, but once authenticated the attacker can perform arbitrary command execution. The EPSS score of < 1% implies a very low likelihood of exploitation, and the vulnerability is not listed in the CISA KEV catalog, suggesting no current evidence of widespread exploitation. The attack vector is inferred to be remote over the network, and the flaw is a classic command‑injection weakness.

Generated by OpenCVE AI on May 11, 2026 at 19:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware or software patch released by Hikvision as described in the security advisory.
  • Disable or restrict unused administrative accounts and remove any default credentials on the affected switches.
  • Segregate the switches from other network segments and limit remote management access to only trusted IP ranges or VPN connections.

Generated by OpenCVE AI on May 11, 2026 at 19:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 11 May 2026 20:00:00 +0000

Type Values Removed Values Added
Title Authenticated Remote Command Execution in Hikvision Switches

Mon, 11 May 2026 18:45:00 +0000

Type Values Removed Values Added
Title Authenticated Remote Command Execution Vulnerability in Hikvision Switches
Weaknesses CWE-20
CWE-77

Mon, 11 May 2026 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-78
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Sun, 10 May 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Hikvision
Hikvision ds-3e1310p-si
Hikvision ds-3e1318p-si
Hikvision ds-3e1326p-si
Vendors & Products Hikvision
Hikvision ds-3e1310p-si
Hikvision ds-3e1318p-si
Hikvision ds-3e1326p-si

Sat, 09 May 2026 11:15:00 +0000

Type Values Removed Values Added
Title Authenticated Remote Command Execution Vulnerability in Hikvision Switches
Weaknesses CWE-20
CWE-77

Sat, 09 May 2026 09:00:00 +0000

Type Values Removed Values Added
Description Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution.
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Hikvision Ds-3e1310p-si Ds-3e1318p-si Ds-3e1326p-si
cve-icon MITRE

Status: PUBLISHED

Assigner: hikvision

Published:

Updated: 2026-05-11T15:22:55.314Z

Reserved: 2026-03-09T09:20:38.428Z

Link: CVE-2026-3828

cve-icon Vulnrichment

Updated: 2026-05-11T15:22:44.890Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-09T09:16:09.107

Modified: 2026-05-12T16:42:18.330

Link: CVE-2026-3828

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-11T19:45:08Z

Weaknesses