Hikvision Warns of High-Severity Vulnerability in Wireless Access Points, Users Urged to Update Firmware
Hikvision has fixed a high-severity security flaw affecting multiple wireless access point models that could allow attackers to execute commands remotely, urging users to update firmware immediately to protect network security.
Tech Author
Hikvision has issued an important security warning on a serious vulnerability discovered in several of their wireless access point models. The organization stated that this vulnerability might enable attackers using correct login credentials to execute malicious commands on vulnerable devices. Hikvision issued an official warning on January 30, 2026, asking consumers and companies to update their devices promptly to minimize security threats.
What is the Hikvision vulnerability?
The security vulnerability, known as CVE-2026-0709, is caused by improper input validation in the firmware of Hikvision wireless access points. Simply put, the device fails to correctly validate certain inputs. Because of this, an attacker with network access and appropriate credentials can transmit specially crafted data packets to the device and remotely execute commands.
This attack requires no user input, such as clicking links or opening files. Once misused, the attacker can obtain complete control of the access point, resulting in network disruption, data exposure, or additional attacks on associated systems. Hikvision has given a CVSS score of 7.2 to this bug, indicating its high severity.
Vulnerable Hikvision models
The vulnerability affects six models from Hikvision’s DS-3WAP series, running older firmware versions. The affected models include:
- DS-3WAP521-SI
- DS-3WAP522-SI
- DS-3WAP621E-SI
- DS-3WAP622E-SI
- DS-3WAP623E-SI
- DS-3WAP622G-SI
All devices running firmware version V1.1.6303 build 250812 or earlier are vulnerable.
Patch and security recommendations
Hikvision has published a fixed firmware version, V1.1.6601 build 251223, to address the issue. Users and IT administrators should promptly verify their device firmware versions and upgrade them via Hikvision's official support page. In addition to updating, experts advocate restricting access to administrative interfaces, employing strong passwords, and using network segmentation to prevent susceptibility. These procedures can help prevent unwanted access.
This event demonstrates the growing importance of frequent firmware updates and network security in defending wireless infrastructure. Overall, this vulnerability serves as a reminder that network devices are a potential target for cyberattacks. Keeping firmware up to date is one of the most effective strategies to mitigate security concerns. Organizations should also conduct frequent access control reviews to safeguard sensitive network infrastructure. Taking prompt action today can assist to avoid significant security incidents later.
Information referenced in this article is from Cyber Press
