CVE-2023-28810

Published: Jun 15, 2023Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.

Affected (37)

Hikvision

37 products

Ds K1t804af Firmware

Ds K1t804amf Firmware

Ds K1t341am Firmware

Ds K1t341amf Firmware

Ds K1t671m Firmware

Ds K1t671mf Firmware

Ds K1t671 Firmware

Ds K1t343efwx Firmware

Ds K1t343efx Firmware

Ds K1t343ewx Firmware

Ds K1t343ex Firmware

Ds K1t343mfwx Firmware

Ds K1t343mfx Firmware

Ds K1t343mwx Firmware

Ds K1t343mx Firmware

Ds K1t341c Firmware

Ds K1t320efwx Firmware

Ds K1t320efx Firmware

Ds K1t320ewx Firmware

Ds K1t320ex Firmware

Ds K1t320mfwx Firmware

Ds K1t320mfx Firmware

Ds K1t320mwx Firmware

Ds K1t320mx Firmware

Ds Kh6320 Wte1 Firmware

Ds Kh6350 Wte1 Firmware

Ds Kh6351 Te1 Firmware

Ds Kh6351 Wte1 Firmware

Ds Kh6320 Le1 Firmware

Ds Kh63le1(b) Firmware

Ds Kh6320 Tde1 Firmware

Ds Kh6320 Te1 Firmware

Ds Kh6320 Wtde1 Firmware

Ds Kh8520 Wte1 Firmware

Ds Kh6220 Le1 Firmware

Ds Kh9310 Wte1(b) Firmware

Ds Kh9510 Wte1(b) Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t804af Firmware	Up to 1.4.0_build221212

Running on/with	Platform Versions
Hikvision Ds K1t804af	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t804amf Firmware	Up to 1.4.0_build221212

Running on/with	Platform Versions
Hikvision Ds K1t804amf	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t341am Firmware	Up to 3.2.30_build221223

Running on/with	Platform Versions
Hikvision Ds K1t341am	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t341amf Firmware	Up to 3.2.30_build221223

Running on/with	Platform Versions
Hikvision Ds K1t341amf	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t671m Firmware	Up to 3.2.30_build221223

Running on/with	Platform Versions
Hikvision Ds K1t671m	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t671mf Firmware	Up to 3.2.30_build221223

Running on/with	Platform Versions
Hikvision Ds K1t671mf	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t671 Firmware	Up to 3.2.30_build221223

Running on/with	Platform Versions
Hikvision Ds K1t671	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343efwx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343efwx	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343efx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343efx	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343ewx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343ewx	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343ex Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343ex	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343mfwx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343mfwx	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343mfx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343mfx	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343mwx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343mwx	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t343mx Firmware	Up to 3.14.0_build230117

Running on/with	Platform Versions
Hikvision Ds K1t343mx	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t341c Firmware	Up to 3.3.8_build230112

Running on/with	Platform Versions
Hikvision Ds K1t341c	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320efwx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320efwx	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320efx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320efx	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320ewx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320ewx	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320ex Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320ex	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320mfwx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320mfwx	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320mfx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320mfx	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320mwx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320mwx	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds K1t320mx Firmware	Up to 3.5.0_build220706

Running on/with	Platform Versions
Hikvision Ds K1t320mx	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6320 Wte1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6320 Wte1	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6350 Wte1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6350 Wte1	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6351 Te1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6351 Te1	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6351 Wte1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6351 Wte1	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6320 Le1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6320 Le1	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh63le1(b) Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh63le1(b)	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6320 Tde1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6320 Tde1	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6320 Te1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6320 Te1	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6320 Wtde1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh6320 Wtde1	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh8520 Wte1 Firmware	Up to 2.2.8_build230219

Running on/with	Platform Versions
Hikvision Ds Kh8520 Wte1	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh6220 Le1 Firmware	Up to 1.4.62_build220414

Running on/with	Platform Versions
Hikvision Ds Kh6220 Le1	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh9310 Wte1(b) Firmware	Up to 2.1.76_build230204

Running on/with	Platform Versions
Hikvision Ds Kh9310 Wte1(b)	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hikvision Ds Kh9510 Wte1(b) Firmware	Up to 2.1.76_build230204

Running on/with	Platform Versions
Hikvision Ds Kh9510 Wte1(b)	All versions

Related CWEs

CWE-284

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (2)

https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/

Source: hsrc@hikvision.com

Vendor Advisory

https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.