CVE-2023-28809
HIGH
Published Jun 15, 2023 · Last Modified Jun 17, 2026
CVSS 3.1 base score 7.5
Description
Some Hikvision access control products are vulnerable to session hijacking because the device does not issue a new session ID after a user successfully logs in (session fixation, CWE-384): a session ID that existed before authentication stays valid and simply becomes the authenticated session. To exploit the vulnerability, an attacker has to obtain the session ID at the time a valid user logs in, and then gains device operation permissions by forging both the source IP address and the session ID of that authenticated user. The need for a legitimate login (UI:R) and for a correctly forged source address on top of the session ID (AC:H) is why the vector below rates the attack as high complexity despite requiring no privileges.
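The weakness described above, modelled as an added example that is not code from Hikvision's firmware or from the advisory: a toy Python session store with the vulnerable behaviour (the pre-authentication session ID is promoted to an authenticated one on login) beside the hardened one (a fresh ID is minted and the old one invalidated), and a replay of the attack sequence in the description. The credential, the client addresses and the way the attacker learns the pre-authentication ID are constructed assumptions; the example does not model how the real device exposes the ID, only what happens once the attacker has it.

```python
"""Session-fixation model for the weakness class behind CVE-2023-28809 (CWE-384).

Added example: a toy server-side session store, not the device's firmware.
The credential, the addresses and the attacker's knowledge of the pre-auth
session ID are all constructed for the demonstration.
"""
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

VALID_CREDENTIALS = {"admin": "correct horse battery staple"}  # constructed


@dataclass
class Session:
    user: Optional[str] = None  # None until a successful login
    client_ip: str = ""         # the store binds a session to the IP that created it


class SessionStore:
    def __init__(self, regenerate_on_login: bool) -> None:
        self.regenerate_on_login = regenerate_on_login
        self._sessions: Dict[str, Session] = {}

    def new_session(self, client_ip: str) -> str:
        """Pre-authentication session, e.g. issued when the login page is fetched."""
        sid = secrets.token_hex(16)
        self._sessions[sid] = Session(client_ip=client_ip)
        return sid

    def login(self, sid: str, client_ip: str, user: str, password: str) -> Optional[str]:
        """Return the session ID the client must use from now on, or None on failure."""
        sess = self._sessions.get(sid)
        if sess is None or sess.client_ip != client_ip:
            return None
        if VALID_CREDENTIALS.get(user) != password:
            return None
        if not self.regenerate_on_login:
            # Vulnerable behaviour (CWE-384): the pre-auth ID is simply promoted,
            # so anyone who already holds it now holds an authenticated session.
            sess.user = user
            return sid
        # Hardened behaviour: invalidate the pre-auth ID and mint a fresh one.
        del self._sessions[sid]
        new_sid = secrets.token_hex(16)
        self._sessions[new_sid] = Session(user=user, client_ip=client_ip)
        return new_sid

    def authorized_user(self, sid: str, client_ip: str) -> Optional[str]:
        """Which user a device-operation request with this session ID may act as."""
        sess = self._sessions.get(sid)
        if sess is None or sess.client_ip != client_ip or sess.user is None:
            return None
        return sess.user


def run_fixation_attack(regenerate_on_login: bool, attacker_spoofs_ip: bool = True) -> bool:
    """Replay the scenario from the description.

    Returns True when the attacker ends up with device operation permissions.
    """
    store = SessionStore(regenerate_on_login)
    victim_ip, attacker_ip = "10.0.0.5", "10.0.0.66"  # constructed addresses
    # 1. Victim fetches the login page; the device issues a pre-auth session ID.
    pre_auth_sid = store.new_session(victim_ip)
    # 2. Attacker learns that ID around login time. How is outside this model
    #    (assumption); the description only says the attacker has to request
    #    the session ID at the same time as the valid user logs in.
    attacker_sid = pre_auth_sid
    # 3. Victim authenticates using the pre-auth ID.
    post_login_sid = store.login(pre_auth_sid, victim_ip, "admin", VALID_CREDENTIALS["admin"])
    assert post_login_sid is not None
    # 4. Attacker replays the ID, forging the victim's source IP as well,
    #    because the session is bound to the IP that created it.
    src_ip = victim_ip if attacker_spoofs_ip else attacker_ip
    return store.authorized_user(attacker_sid, src_ip) == "admin"


if __name__ == "__main__":
    print("vulnerable store, attacker wins:", run_fixation_attack(regenerate_on_login=False))
    print("hardened store, attacker wins:  ", run_fixation_attack(regenerate_on_login=True))
```

The IP binding on its own does not close the hole, which is exactly why the description lists IP forgery as a step rather than as a barrier: with `regenerate_on_login=False` the attacker who spoofs the victim's address is authorized, and only the store that rotates the ID on login leaves the replayed pre-authentication ID unusable.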
CVSS Details
Base Score 7.5 (Exploitability 1.6, Impact 5.9; sub-scores computed from the vector)
Vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit (as recorded here; note that a Packet Storm posting on this issue is listed under References)
No Patch Available (as recorded here; the Hikvision advisory under References is the authoritative source for fixed firmware)
Weaknesses 2
CWE-284 Improper Access Control
CWE-384 Session Fixation
Affected Products 52
Version `*` with range `any` means the CPE configuration carries no version bounds: every firmware version of each listed device is in scope until the vendor advisory states a fixed version.
| Vendor | Product | Version | Range |
|---|---|---|---|
| hikvision | ds-k1t320efwx_firmware | * | any |
| hikvision | ds-k1t320efwx | * | any |
| hikvision | ds-k1t320efx_firmware | * | any |
| hikvision | ds-k1t320efx | * | any |
| hikvision | ds-k1t320ewx_firmware | * | any |
| hikvision | ds-k1t320ewx | * | any |
| hikvision | ds-k1t320ex_firmware | * | any |
| hikvision | ds-k1t320ex | * | any |
| hikvision | ds-k1t320mfwx_firmware | * | any |
| hikvision | ds-k1t320mfwx | * | any |
| hikvision | ds-k1t320mfx_firmware | * | any |
| hikvision | ds-k1t320mfx | * | any |
| hikvision | ds-k1t320mwx_firmware | * | any |
| hikvision | ds-k1t320mwx | * | any |
| hikvision | ds-k1t320mx_firmware | * | any |
| hikvision | ds-k1t320mx | * | any |
| hikvision | ds-k1t341am_firmware | * | any |
| hikvision | ds-k1t341am | * | any |
| hikvision | ds-k1t341amf_firmware | * | any |
| hikvision | ds-k1t341amf | * | any |
| hikvision | ds-k1t341cm_firmware | * | any |
| hikvision | ds-k1t341cm | * | any |
| hikvision | ds-k1t343ewx_firmware | * | any |
| hikvision | ds-k1t343ewx | * | any |
| hikvision | ds-k1t343ex_firmware | * | any |
| hikvision | ds-k1t343ex | * | any |
| hikvision | ds-k1t343mwx_firmware | * | any |
| hikvision | ds-k1t343mwx | * | any |
| hikvision | ds-k1t343mx_firmware | * | any |
| hikvision | ds-k1t343mx | * | any |
| hikvision | ds-k1t671_firmware | * | any |
| hikvision | ds-k1t671 | * | any |
| hikvision | ds-k1t671m_firmware | * | any |
| hikvision | ds-k1t671m | * | any |
| hikvision | ds-k1t671mf_firmware | * | any |
| hikvision | ds-k1t671mf | * | any |
| hikvision | ds-k1t671t_firmware | * | any |
| hikvision | ds-k1t671t | * | any |
| hikvision | ds-k1t671tm_firmware | * | any |
| hikvision | ds-k1t671tm | * | any |
| hikvision | ds-k1t671tm-3xf_firmware | * | any |
| hikvision | ds-k1t671tm-3xf | * | any |
| hikvision | ds-k1t671tmf_firmware | * | any |
| hikvision | ds-k1t671tmf | * | any |
| hikvision | ds-k1t671tmfw_firmware | * | any |
| hikvision | ds-k1t671tmfw | * | any |
| hikvision | ds-k1t671tmw_firmware | * | any |
| hikvision | ds-k1t671tmw | * | any |
| hikvision | ds-k1t804af_firmware | * | any |
| hikvision | ds-k1t804af | * | any |
| hikvision | ds-k1t804amf_firmware | * | any |
| hikvision | ds-k1t804amf | * | any |
References 2
- packetstormsecurity.com http://packetstormsecurity.com/files/174506/Hikvision-Access-Control-Session-Hijacking.html
- hikvision.com https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/
Remediation
No remediation data recorded yet.
Check the Hikvision advisory and the NVD entry for fixed firmware. Until the device runs fixed firmware, the mitigation belongs on the network: keep the devices' web and management interfaces off untrusted networks, and, since the attack depends on forging the source IP of an authenticated user, enforce anti-spoofing filtering between client subnets and the devices. The vendor-side fix for this weakness class is to issue a new session ID on every successful login and invalidate the pre-authentication one.