NextGuard
UNKNOWNCVE-2017-20237

Hirschmann Industrial HiVision Authentication Bypass Remote Code Execution

Platform

other

Component

hirschmann-hivision

Fixed in

07.0.03

View on NVD

Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbitrary commands with administrative privileges. Attackers can invoke exposed interface methods over the remote service to bypass authentication and achieve remote code execution on the underlying operating system.

How to fix

Actualice Hirschmann Industrial HiVision a la versión 06.0.07 o 07.0.03, o posterior, para corregir la vulnerabilidad de omisión de autenticación. Esto evitará que atacantes remotos no autenticados ejecuten comandos arbitrarios con privilegios administrativos.

Monitor your dependencies automatically

Get notified when new vulnerabilities affect your projects. Free forever.

Start free