← volver
CVE-2025-66173

CVE-2025-66173

CVSS 6.2 MEDIUMEPSS 0.2%CWE-269
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.2EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 dic 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Hikvision · DS-7104HGHI-F1Hikvision · DS-7204HGHI-F1

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices/