According to new intelligence, tens of thousands of Hikvision surveillance cameras are still vulnerable to an 11-month-old flaw that has left thousands of organizations exposed to attack. The command injection flaw could allow an attacker who exploits it to gain remote access. Hikvision is a Chinese state-owned video camera manufacturer. The company provides cameras to over 100 countries, including the US.
The command injection flaw was disclosed last fall by security researchers as CVE-2021-36260 and was rated as high severity on the CVSS scale. Although users were urged to patch their devices immediately, over 80,000 devices remain affected. Researchers have already detected multiple instances in which hackers sought to collaborate on exploiting the cameras using the vulnerability. Leaked credentials have been spotted for sale on Russian dark web forums, according to security forces. It is unclear how much damage has been done to the unpatched devices. However, it is possible that adversaries could exploit the vulnerability to advance geopolitical agendas or inflict harm.
Read More: Cybercriminals Are Selling Access to Chinese Surveillance Cameras