CVE-2017-20237: RCE in Hirschmann HiVision < 07.0.03
Platform
linux
Component
hirschmann-hivision
Fixed in
07.0.03
CVE-2017-20237 is a critical Remote Code Execution (RCE) vulnerability affecting Hirschmann Industrial HiVision devices. This flaw allows unauthenticated attackers to bypass authentication and execute arbitrary commands with administrative privileges on the device, potentially leading to complete system compromise. The vulnerability impacts versions prior to 06.0.07 and 07.0.03. A patch is available in version 07.0.03.
How to fix
Actualice el software Hirschmann Industrial HiVision a la versión 07.0.03 o posterior para mitigar la vulnerabilidad de bypass de autenticación y ejecución remota de código. Consulte el boletín de seguridad de Belden (BSECV-2017-02) para obtener instrucciones detalladas y la lista completa de versiones afectadas.
Frequently asked questions
What is CVE-2017-20237?
CVE-2017-20237 is a Remote Code Execution (RCE) vulnerability in Hirschmann Industrial HiVision devices. It allows an attacker to execute commands on the device without authentication, gaining administrative access.
Am I affected by CVE-2017-20237?
You are potentially affected if you are using Hirschmann Industrial HiVision versions 0–07.0.03. Versions prior to 06.0.07 and 07.0.03 are vulnerable to this RCE flaw.
How do I fix CVE-2017-20237?
The vulnerability is fixed in version 07.0.03. Upgrade your Hirschmann Industrial HiVision device to this version to mitigate the risk of remote code execution.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free