Vulnerability Description
Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can log in to the device with that new user account to fully control the device.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Honeywell | Enterprise Dvr Firmware | - |
| Honeywell | Enterprise Dvr | - |
| Honeywell | Maxpro Nvr Hybrid Se Firmware | - |
| Honeywell | Maxpro Nvr Hybrid Se | - |
| Honeywell | Maxpro Nvr Hybrid Xe Firmware | - |
| Honeywell | Maxpro Nvr Hybrid Xe | - |
| Honeywell | Maxpro Nvr Se Firmware | - |
| Honeywell | Maxpro Nvr Se | - |
| Honeywell | Maxpro Nvr Xe Firmware | - |
| Honeywell | Maxpro Nvr Xe | - |
| Honeywell | Fusion Iv Rev C Firmware | - |
| Honeywell | Fusion Iv Rev C | - |
| Honeywell | Maxpro Nvr Pe Firmware | - |
| Honeywell | Maxpro Nvr Pe | - |
Related Weaknesses (CWE)
References
- https://github.com/zzz66686/Honeywell_NVR_vul (Third Party Advisory)
FAQ
What is CVE-2017-14263?
CVE-2017-14263 is a vulnerability with a CVSS score of 8.1 (HIGH). Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManag...
How severe is CVE-2017-14263?
CVE-2017-14263 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2017-14263?
Check the references section above for vendor advisories and patch information. Affected products include: Honeywell Enterprise Dvr Firmware, Honeywell Enterprise Dvr, Honeywell Maxpro Nvr Hybrid Se Firmware, Honeywell Maxpro Nvr Hybrid Se, Honeywell Maxpro Nvr Hybrid Xe Firmware.