Vulnerability Description
Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbitrary commands with administrative privileges. Attackers can invoke exposed interface methods over the remote service to bypass authentication and achieve remote code execution on the underlying operating system.
CVSS Score
CRITICAL
Related Weaknesses (CWE)
References
- https://assets.belden.com/m/1cb01df62f1f31e3/original/Unauthenticated-Remote-Cod
- https://www.vulncheck.com/advisories/hirschmann-industrial-hivision-authenticati
FAQ
What is CVE-2017-20237?
CVE-2017-20237 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Hirschmann Industrial HiVision versions prior to 06.0.07 and 07.0.03 contains an authentication bypass vulnerability in the master service that allows unauthenticated remote attackers to execute arbit...
How severe is CVE-2017-20237?
CVE-2017-20237 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2017-20237?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.