CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Mar 26, 2026

CVE-2017-7921

High

EPSS 94.3%CISA KEV

Hikvision/Multiple Products

Description

Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access to sensitive information.

EPSS — Exploit Probability

94.3%

Higher than 99.9% of all CVEs

Required Action

https://www.hikvision.com/us-en/support/document-center/special-notices/privilege-escalating-vulnerability-in-certain-hikvision-ip-cameras/ ; https://nvd.nist.gov/vuln/detail/CVE-2017-7921

CVE-2017-7921

Description

EPSS — Exploit Probability

Required Action

Related Articles (3)

Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor

Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog

CISA Adds Five Known Exploited Vulnerabilities to Catalog

Risk Assessment

Details

Timeline

Affected Product

External Links