CVE-2023-28810

MEDIUM 4.3

CVSS Score

4.3

EPSS Score

0.0%

EPSS Percentile

0th

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.

CWE	CWE-284
Vendor	hikvision
Product	ds-k1t804axx
Published	Jun 15, 2023
Last Updated	Dec 12, 2024

Stay Ahead of the Next One

Get instant alerts for hikvision ds-k1t804axx

Be the first to know when new medium vulnerabilities affecting hikvision ds-k1t804axx are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Affected Versions

hikvision / DS-K1T804AXX

V1.4.0_build221212 < V1.4.0_build221212

hikvision / DS-K1T341AXX

V3.2.30_build221223 < V3.2.30_build221223

hikvision / DS-K1T671XXX

V3.2.30_build221223 < V3.2.30_build221223

hikvision / DS-K1T343XXX

V3.14.0_build230117 < V3.14.0_build230117

hikvision / DS-K1T341C

V3.3.8_build230112 < V3.3.8_build230112

hikvision / DS-K1T320XXX

V3.5.0_build220706 < V3.5.0_build220706

hikvision / DS-KH63 Series,DS-KH85 Series

V2.2.8_build230219 < V2.2.8_build230219

hikvision / DS-KH9310-WTE1(B),DS-KH9510-WTE1(B)

V2.1.76_build230204 < V2.1.76_build230204

References

NVD ↗ CVE.org ↗ EPSS Data ↗

hikvision.com: https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/

Credits

Peter Szot