← voltar
CVE-2023-28810

CVE-2023-28810

CVSS 4.3 MEDIUMEPSS 10.4%CWE-284
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Produtos afetados
hikvision · DS-K1T320XXXhikvision · DS-K1T341AXXhikvision · DS-K1T341Chikvision · DS-K1T343XXXhikvision · DS-K1T671XXXhikvision · DS-K1T804AXXhikvision · DS-KH63 Series,DS-KH85 Serieshikvision · DS-KH9310-WTE1(B),DS-KH9510-WTE1(B)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/