CSV Injection Vulnerability Affects HikCentral Master Lite Versions
CVE-2024-47485

5.5MEDIUM

Key Information:

Vendor: Hikvision
Status: Hikcentral Master Lite
Vendor: CVE Published:; 18 October 2024

What is CVE-2024-47485?

A vulnerability exists in certain versions of HikCentral Master Lite, allowing for CSV injection attacks. This flaw enables attackers to craft malicious CSV content that, when executed, can run unintended commands within the affected application. Exploitation could lead to data manipulation and unauthorized system access, posing significant risks to user data integrity and confidentiality. Users are urged to apply the latest security updates and adhere to best practices to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HikCentral Master Lite Versions between V2.0.0 and V2.2.1

References

https://www.hikvision.com/en/support/cybersecurity/securi...

CVSS V4

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Oct 18, 2024
Vulnerability Reserved
Sep 25, 2024

Credit

Yousef Alfuhaid

JSON

Hikvision

What is CVE-2024-47485?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.