CVE-2025-39247

Summary

There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.

Affected Software

VendorProductVersion RangeStatus
HikvisionHikCentral ProfessionalVersions between V2.3.1 and V2.6.2affected
HikvisionHikCentral ProfessionalVersion V3.0.0affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References