CVE-2017-20238 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorization vulnerability that allows read-only…
High CVSS: 7.1

CVE-2017-20238

Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorization vulnerability that allows read-only users to gain write access to managed devices by bypassing access control mechanisms. Attackers can exploit alternative interfaces such as the web interface or SNMP browser to modify device configurations despite having restricted permissions.
Vendor
-
Product
-
CWE
CWE-285
Yayın Tarihi
2026-04-03 23:17:00
Güncelleme
2026-04-07 13:20:55
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-285 HIGH 2026

Referanslar

https://assets.belden.com/m/7cc5d59343125b25/original/Security-Bulletin-Restricted-User-Roles-Write-Access-HiVision-2017-01.pdf https://www.vulncheck.com/advisories/hirschmann-industrial-hivision-improper-authorization-privilege-escalation