Products

Solutions

Company

Book A Live Demo

CVE-2022-28173 : Security Advisory and Response

Discover details about CVE-2022-28173, a critical vulnerability in Hikvision wireless bridge products, allowing unauthorized access to admin permissions. Learn about impacts, affected systems, and mitigation steps.

This article provides detailed information about CVE-2022-28173, a critical vulnerability in certain Hikvision wireless bridge products, allowing attackers to obtain admin permissions.

Understanding CVE-2022-28173

This section delves into the specifics of the CVE-2022-28173 vulnerability affecting Hikvision devices.

What is CVE-2022-28173?

The web server of specific Hikvision wireless bridge products is susceptible to an access control flaw that enables unauthorized access to admin privileges. Attackers can exploit this vulnerability by sending manipulated messages to the impacted devices.

The Impact of CVE-2022-28173

With a CVSS base score of 9.1 (Critical), this vulnerability poses a severe threat. It can lead to high confidentiality and integrity impacts, allowing unauthorized users to gain admin-level control over affected devices.

Technical Details of CVE-2022-28173

This section provides insight into the technical aspects of CVE-2022-28173.

Vulnerability Description

CVE-2022-28173 is classified under CWE-284 ('Improper Access Control'), highlighting the flaw in access control mechanisms on the web server of vulnerable Hikvision products.

Affected Systems and Versions

The vulnerability impacts Hikvision's DS-3WF0AC-2NT (versions less than V1.1.0) and DS-3WF01C-2N/O (versions less than V1.0.4) wireless bridge products.

Exploitation Mechanism

By sending specifically crafted messages to the affected devices, threat actors can exploit this flaw to gain unauthorized admin permissions.

Mitigation and Prevention

Discover ways to mitigate the risks associated with CVE-2022-28173.

Immediate Steps to Take

Users should immediately apply provided patches and follow security best practices to secure their Hikvision devices.

Long-Term Security Practices

Implement robust access control measures and regularly update firmware to prevent similar vulnerabilities in the future.

Patching and Updates

Hikvision has released security patches for affected products. Ensure timely installation of these patches to safeguard against potential exploits.

CVE-2022-28173 : Security Advisory and Response

Understanding CVE-2022-28173

What is CVE-2022-28173?

The Impact of CVE-2022-28173

Technical Details of CVE-2022-28173

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now

CVE-2022-28173 : Security Advisory and Response

.css-lczsrn{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:24px;font-weight:700;margin-top:1rem;font-family:sans-serif;}Understanding CVE-2022-28173

.css-ru2q5j{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:1.2rem;font-weight:700;margin-top:1rem;margin-bottom:0rem;font-family:sans-serif;}What is CVE-2022-28173?

The Impact of CVE-2022-28173

Technical Details of CVE-2022-28173

Vulnerability Description

Affected Systems and Versions

Exploitation Mechanism

Mitigation and Prevention

Immediate Steps to Take

Long-Term Security Practices

Patching and Updates

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities? Find Out Now

Understanding CVE-2022-28173

What is CVE-2022-28173?

Is your System Free of Underlying Vulnerabilities?
Find Out Now