Warning: Severe Vulnerabilities in Hikvision Software

Cybersecurity researchers are warning about three vulnerabilities found in Hikvision HikCentral, a centralized management software used for security operations, video surveillance, and access control. 

One of the flaws, CVE-2025-39247, is a high-severity vulnerability that allows an unauthenticated user to gain admin privileges. This means an attacker can take full control of the system without even logging in. Once inside, they can tamper with configurations, delete logs, or shut down critical monitoring. This poses a serious risk to any organization that relies on HikCentral for its security infrastructure. 

The other two vulnerabilities are: 

  • CVE-2025-39245: A CSV injection flaw in some HikCentral Master Lite versions that allows an attacker to run commands. 
  • CVE-2025-39246: An unquoted service path vulnerability in some FocSign versions that could allow an authenticated user to escalate privileges. 
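
For the unquoted service path class named in the CVE-2025-39246 bullet, a defender can audit service `ImagePath` values for executables whose path contains a space but is not wrapped in quotes. The sketch below is an added example, not code from this article or from Hikvision; the service names and paths are constructed and are not real FocSign values.

```python
import re

# Constructed sample data: service name -> ImagePath string, as stored under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>. Hypothetical names and paths.
SAMPLE_SERVICES = {
    "ExampleSignageSvc": r"C:\Program Files\Example Vendor\Signage Agent\agent.exe -service",
    "ExampleQuotedSvc": r'"C:\Program Files\Example Vendor\Core\core.exe" --run',
    "ExampleNoSpaceSvc": r"C:\Tools\svc.exe /auto",
    "ExampleDriver": r"\SystemRoot\System32\drivers\example.sys",
    "ExampleEnvSvc": r"%ProgramFiles%\Example Vendor\Updater\upd.exe",
}

# Shortest prefix ending in an executable extension that is followed by
# whitespace or end of string; whatever follows is treated as arguments.
_EXE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd))(?=\s|$)(.*)$", re.IGNORECASE)


def split_image_path(image_path):
    """Return (executable, arguments) for an unquoted ImagePath, else None."""
    m = _EXE.match(image_path.strip())
    return (m.group(1), m.group(2).strip()) if m else None


def is_unquoted_with_space(image_path):
    """True when the executable path has a space and no surrounding quotes."""
    path = image_path.strip()
    if path.startswith('"'):
        return False  # already quoted, path resolution is unambiguous
    parts = split_image_path(path)
    if parts is None:
        return False  # kernel drivers (.sys) and unparseable values are skipped
    # Environment variables are not expanded here; only literal spaces count.
    return " " in parts[0]


def quoted_form(image_path):
    """Return the ImagePath with the executable wrapped in double quotes."""
    exe, args = split_image_path(image_path)
    return f'"{exe}"' + (f" {args}" if args else "")


def audit(services):
    """Map each flagged service name to its corrected, quoted ImagePath."""
    return {name: quoted_form(path)
            for name, path in sorted(services.items())
            if is_unquoted_with_space(path)}


if __name__ == "__main__":
    for name, fixed in audit(SAMPLE_SERVICES).items():
        print(f"{name}: unquoted path, should be {fixed}")
```

On a real host the dictionary would be filled from the service registry keys or an inventory export; a flagged entry is a configuration finding to fix with the vendor's patch, not proof of compromise.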

An attacker who exploits the main flaw can act as a full administrator. This could allow them to disable cameras during a physical break-in, unlock restricted doors, or delete security footage. This presents a major threat to the safety and business continuity of affected organizations. 

The affected versions include: 
 

This is a critical alert for organizations using the vulnerable HikCentral builds. The most significant risk is that attackers can exploit the flaw without any authentication. This allows them to bypass all normal security procedures and immediately gain complete administrative control over the system. 

Organizations must treat this as a wake-up call. The best course of action is to update immediately. HikCentral administrators should: 

  • Harden their environment by limiting external exposure. 
  • Check their version number to see if it falls within the affected range. 
  • Download and install the latest patches from the official Hikvision security bulletin. 
