Critical Vulnerability in Digiever DS-2105 Pro Network Video Recorders Actively Exploited
On December 22, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) added a critical vulnerability affecting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog. This inclusion follows evidence of active exploitation in the wild, underscoring the urgency for immediate remediation.
Vulnerability Overview
The identified flaw, designated as CVE-2023-52163, is a missing authorization vulnerability within the time_tzsetup.cgi interface of Digiever DS-2105 Pro devices. This security gap allows unauthorized attackers to execute arbitrary commands on the affected systems.
Technical Details
– CVE ID: CVE-2023-52163
– Vulnerability Type: Missing Authorization / Command Injection
– Affected Product: Digiever DS-2105 Pro Network Video Recorder
– CWE Classification: CWE-862 (Missing Authorization)
– Attack Vector: Network
This vulnerability enables threat actors to bypass authentication mechanisms, granting them the ability to inject malicious commands into vulnerable systems. Such exploitation can lead to unauthorized access, system compromise, and potential manipulation of surveillance data.
Implications for Organizations
Digiever’s NVR solutions are widely deployed across various sectors, including enterprises, government facilities, and critical infrastructure environments. The DS-2105 Pro model plays a pivotal role in managing security camera feeds and video storage. The exploitation of this vulnerability poses significant risks, such as:
– Compromise of Surveillance Systems: Unauthorized access could lead to the manipulation or deletion of critical surveillance footage.
– Establishment of Persistent Access: Attackers may use the vulnerability to maintain a foothold within the network, facilitating further malicious activities.
– Lateral Movement: Exploitation could serve as a gateway for attackers to pivot into broader network environments, potentially compromising additional systems.
As of now, there is no confirmed evidence linking this vulnerability to ransomware campaigns. However, the potential for such exploitation cannot be discounted.
CISA’s Directive and Recommendations
In response to the active exploitation of CVE-2023-52163, CISA has mandated that Federal Civilian Executive Branch (FCEB) agencies remediate this vulnerability by January 12, 2026, in accordance with Binding Operational Directive (BOD 22-01).
Organizations utilizing Digiever DS-2105 Pro systems are strongly advised to:
1. Apply Security Patches: Implement the latest security updates and mitigations provided by Digiever to address the vulnerability.
2. Network Segmentation: Isolate vulnerable devices through network segmentation to limit potential exploitation pathways.
3. Review Cloud-Connected Services: Follow applicable guidance for services connected to the cloud to ensure comprehensive security measures are in place.
4. Discontinue Use if Necessary: If vendor patches are unavailable, consider discontinuing the use of affected products until adequate mitigations become available.
Given the confirmed active exploitation, it is imperative for all organizations operating Digiever DS-2105 Pro systems to prioritize the remediation of this vulnerability to safeguard their surveillance infrastructure and broader network environments.
