8.1
CVE-2023-28813
- EPSS 0.63%
- Veröffentlicht 23.11.2023 09:15:33
- Zuletzt bearbeitet 21.11.2024 07:56:04
- Quelle hsrc@hikvision.com
- CVE-Watchlists
- Unerledigt
LoginAn attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hikvision ≫ Localservicecomponents Version <= 1.0.0.78
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.63% | 0.452 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| hsrc@hikvision.com | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
|
https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikvision-web-browser-plug-in-locals/