Ongoing attacks involving the high-severity missing authorization bug impacting Digiever DS-2105 Pro network video recorders, tracked as CVE-2025-52163, have prompted the issue's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal civilian executive branch agencies urged to mitigate the weakness or retire impacted instances by Jan. 12, reports The Hacker News.
Akamai and Fortinet researchers reported that the flaw has allowed deployment of the Mirai and ShadowV2 botnets, and its abuse could allow command injection, according to CISA. Both that vulnerability and another medium-severity arbitrary read issue, tracked as CVE-2023-52164, have remained unfixed after the Digiever NVRs reached end-of-life, said TXOne Research's Ta-Lun Yen.
Exploitation requires an attacker to be logged in and send a specially crafted request. Users are advised to avoid exposing the device to the internet and change default credentials until a fix is available.
Updated CISA KEV list includes Digiever network video recorder RCE




