CVE-2025-66177HIGH 8.8EPSS p23.9%

CVE-2025-66177CVE-2025-66177

Description

There is a Stack overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.32% probability of exploitation · percentile 23.9% · 2026-06-18T12:00:27Z
Published2026-01-13
Last modified2026-04-15

Underlying weaknesses· 1

CWE-121

References

  1. https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/

1

TypeTargetConfidenceTier
WeaknessStack-based Buffer Overflowcwe-1210%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-66176
CVE
Hikvision Multiple Products Improper Authentication Vulnerability
CVE
CVE-2025-31701
CVE
CVE-2025-31700
CVE
CVE-2025-3711
CVE
CVE-2025-3714
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.