CVE-2023-33806

7.8 HIGH

📋 TL;DR

Hikvision Interactive Tablet DS-D5B86RB/B version V2.3.0 build220119 has insecure default configurations that allow attackers to execute arbitrary commands. This vulnerability affects organizations using these specific tablets with the vulnerable firmware. Attackers can potentially gain unauthorized access and control over the device.

💻 Affected Systems

Products:
  • Hikvision Interactive Tablet DS-D5B86RB/B
Versions: V2.3.0 build220119
Operating Systems: Embedded Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects the specific model and firmware version mentioned. Default configurations are vulnerable without any user modification.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise allowing attackers to execute arbitrary commands, potentially leading to data theft, lateral movement within networks, or device bricking.

🟠 Likely Case

Unauthorized command execution leading to device manipulation, data extraction, or installation of persistent backdoors.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls, though the device remains vulnerable to attacks from the local network.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A public proof-of-concept is available in a GitHub gist. Exploitation appears straightforward because it relies on the insecure defaults.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Check the official Hikvision website for firmware updates. If one is available, download and apply the latest firmware following the vendor's instructions.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate Hikvision tablets from the internet and restrict network access to necessary services only.

Access Control Lists

all

Implement strict firewall rules to limit which IP addresses can communicate with the tablets.

🧯 If You Can't Patch

  • Remove devices from internet-facing networks immediately
  • Implement strict network segmentation and monitor all traffic to/from affected devices

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version via the web interface or serial console. If the version is V2.3.0 build220119, the device is vulnerable.

Check Version:

Check via the device web interface at System > Version Information, or via the serial console if available.

Verify Fix Applied:

Verify that the firmware has been updated to a version newer than V2.3.0 build220119.

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution logs
  • Unauthorized access attempts to device services
  • Unexpected process creation

Network Indicators:

  • Unusual outbound connections from tablets
  • Suspicious command and control traffic
  • Unexpected port scanning from tablet IPs

SIEM Query:

source_ip IN (tablet_ips) AND (event_type:command_execution OR destination_port:22,23,80,443 FROM external_ips)
