CVE-2023-28810
Published 2023-06-15
Priority: P4 · 30 · medium · 4.3 (CVSS 3.1)
CVSS vector: AV:A / AC:L / PR:N / UI:N / S:U / C:N / I:L / A:N
EPSS: 10.40% (95.2 percentile)
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
Affected
43 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hikvision | ds-k1t320efwx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320efx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320ewx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320ex_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320mfwx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320mfx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320mwx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320mx_firmware | <= 3.5.0_build220706 | — |
| hikvision | ds-k1t320xxx | >= V3.5.0_build220706 < V3.5.0_build220706 | V3.5.0_build220706 |
| hikvision | ds-k1t341am_firmware | <= 3.2.30_build221223 | — |
| hikvision | ds-k1t341amf_firmware | <= 3.2.30_build221223 | — |
| hikvision | ds-k1t341axx | >= V3.2.30_build221223 < V3.2.30_build221223 | V3.2.30_build221223 |
| hikvision | ds-k1t341c | >= V3.3.8_build230112 < V3.3.8_build230112 | V3.3.8_build230112 |
| hikvision | ds-k1t341c_firmware | <= 3.3.8_build230112 | — |
| hikvision | ds-k1t343efwx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343efx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343ewx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343ex_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343mfwx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343mfx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343mwx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343mx_firmware | <= 3.14.0_build230117 | — |
| hikvision | ds-k1t343xxx | >= V3.14.0_build230117 < V3.14.0_build230117 | V3.14.0_build230117 |
| hikvision | ds-k1t671_firmware | <= 3.2.30_build221223 | — |
| hikvision | ds-k1t671m_firmware | <= 3.2.30_build221223 | — |
CVSS provenance
nvd · v3.1 · 4.3 MEDIUM · CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
cisa · 6.8 MEDIUM
CISA ICS
Hikvision Access Control and Intercom Products
cisa_ics·2023-10-12·CVSS 7.5
[HIGH] Hikvision Access Control and Intercom Products
ICS Advisory
## Hikvision Access Control and Intercom Products
Release Date: October 12, 2023
Alert Code: ICSA-23-285-14
## 1. EXECUTIVE SUMMARY
- CVSS v3 7.5
- ATTENTION: Exploitable remotely
- Vendor: Hikvision
- Equipment: Access Control and Intercom Products
- Vulnerabilities: Session Fixation, Improper Access Control
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in an attacker hijacking a session and gaining device operation permissions or result in an attacker modifying device network configuration by sending specific data packets to a vulnerable interface within the same local network.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following Access Control and Intercom Products are affected:
-
D
CISA
Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
cisa·2023-03-07·CVSS 6.8
CVE-2022-28810 [MEDIUM] CWE-78 Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
Vulnerability: Zoho ManageEngine ADSelfService Plus Remote Code Execution Vulnerability
Affected: Zoho ManageEngine
Zoho ManageEngine ADSelfService Plus contains an unspecified vulnerability allowing for remote code execution when performing a password change or reset.
Required Action: Apply updates per vendor instructions.
Notes: https://www.manageengine.com/products/self-service-password/advisory/CVE-2022-28810.html; https://nvd.nist.gov/vuln/detail/CVE-2022-28810
Remediation Due Date: 2023-03-28
GHSA
GHSA-75h5-6rfc-gv4f: Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities
ghsa_unreviewed·2023-06-16
CVE-2023-28810 [MEDIUM] CWE-284 GHSA-75h5-6rfc-gv4f: Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities
Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.