A zero-click vulnerability was found in a popular IoT security camera that could allow an unauthenticated attacker to gain full access to the device and internal networks. The critical bug (CVE-2021-36260) was awarded 9.8 on the CVSS scale of severity.

Hikvision has patched the issue. The company has also released a security advisory detailing which products are at risk – hikvision.com.