CVE-2023-28810 - Vulnerability Details

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00405.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Hikvision Subscribe	Ds-k1t320efwx Subscribe Ds-k1t320efwx Firmware Subscribe Ds-k1t320efx Subscribe Ds-k1t320efx Firmware Subscribe Ds-k1t320ewx Subscribe Ds-k1t320ewx Firmware Subscribe Ds-k1t320ex Subscribe Ds-k1t320ex Firmware Subscribe Ds-k1t320mfwx Subscribe Ds-k1t320mfwx Firmware Subscribe Ds-k1t320mfx Subscribe Ds-k1t320mfx Firmware Subscribe Ds-k1t320mwx Subscribe Ds-k1t320mwx Firmware Subscribe Ds-k1t320mx Subscribe Ds-k1t320mx Firmware Subscribe Ds-k1t341am Subscribe Ds-k1t341am Firmware Subscribe Ds-k1t341amf Subscribe Ds-k1t341amf Firmware Subscribe Ds-k1t341c Subscribe Ds-k1t341c Firmware Subscribe Ds-k1t343efwx Subscribe Ds-k1t343efwx Firmware Subscribe Ds-k1t343efx Subscribe Ds-k1t343efx Firmware Subscribe Ds-k1t343ewx Subscribe Ds-k1t343ewx Firmware Subscribe Ds-k1t343ex Subscribe Ds-k1t343ex Firmware Subscribe Ds-k1t343mfwx Subscribe Ds-k1t343mfwx Firmware Subscribe Ds-k1t343mfx Subscribe Ds-k1t343mfx Firmware Subscribe Ds-k1t343mwx Subscribe Ds-k1t343mwx Firmware Subscribe Ds-k1t343mx Subscribe Ds-k1t343mx Firmware Subscribe Ds-k1t671 Subscribe Ds-k1t671 Firmware Subscribe Ds-k1t671m Subscribe Ds-k1t671m Firmware Subscribe Ds-k1t671mf Subscribe Ds-k1t671mf Firmware Subscribe Ds-k1t804af Subscribe Ds-k1t804af Firmware Subscribe Ds-k1t804amf Subscribe Ds-k1t804amf Firmware Subscribe Ds-kh6220-le1 Subscribe Ds-kh6220-le1 Firmware Subscribe Ds-kh6320-le1 Subscribe Ds-kh6320-le1 Firmware Subscribe Ds-kh6320-tde1 Subscribe Ds-kh6320-tde1 Firmware Subscribe Ds-kh6320-te1 Subscribe Ds-kh6320-te1 Firmware Subscribe Ds-kh6320-wtde1 Subscribe Ds-kh6320-wtde1 Firmware Subscribe Ds-kh6320-wte1 Subscribe Ds-kh6320-wte1 Firmware Subscribe Ds-kh6350-wte1 Subscribe Ds-kh6350-wte1 Firmware Subscribe Ds-kh6351-te1 Subscribe Ds-kh6351-te1 Firmware Subscribe Ds-kh6351-wte1 Subscribe Ds-kh6351-wte1 Firmware Subscribe Ds-kh63le1\(b\) Subscribe Ds-kh63le1\(b\) Firmware Subscribe Ds-kh8520-wte1 Subscribe Ds-kh8520-wte1 Firmware Subscribe Ds-kh9310-wte1\(b\) Subscribe Ds-kh9310-wte1\(b\) Firmware Subscribe Ds-kh9510-wte1\(b\) Subscribe Ds-kh9510-wte1\(b\) Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:hikvision:ds-k1t804af_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t804af:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:hikvision:ds-k1t804amf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t804amf:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:hikvision:ds-k1t341am_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t341am:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:hikvision:ds-k1t341amf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t341amf:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:hikvision:ds-k1t671m_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t671m:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:hikvision:ds-k1t671mf_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t671mf:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:hikvision:ds-k1t671_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343efwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343efwx:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343efx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343efx:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343ewx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343ewx:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343ex_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343ex:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343mfwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343mfwx:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343mfx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343mfx:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343mwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343mwx:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:hikvision:ds-k1t343mx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t343mx:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:hikvision:ds-k1t341c_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t341c:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320efwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320efwx:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320efx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320efx:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320ewx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320ewx:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320ex_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320ex:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320mfwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320mfwx:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320mfx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320mfx:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320mwx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320mwx:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:hikvision:ds-k1t320mx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-k1t320mx:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:hikvision:ds-kh6320-wte1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6320-wte1:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:hikvision:ds-kh6350-wte1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6350-wte1:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:hikvision:ds-kh6351-te1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6351-te1:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:hikvision:ds-kh6351-wte1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6351-wte1:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:hikvision:ds-kh6320-le1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6320-le1:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:hikvision:ds-kh63le1\(b\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh63le1\(b\):-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:hikvision:ds-kh6320-tde1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6320-tde1:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:hikvision:ds-kh6320-te1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6320-te1:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:hikvision:ds-kh6320-wtde1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6320-wtde1:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:hikvision:ds-kh8520-wte1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh8520-wte1:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:hikvision:ds-kh6220-le1_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh6220-le1:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:hikvision:ds-kh9310-wte1\(b\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh9310-wte1\(b\):-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:hikvision:ds-kh9510-wte1\(b\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:hikvision:ds-kh9510-wte1\(b\):-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-32445	Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.

Fixes

Solution

https://www.hikvision.com/en/support/download/firmware/

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0101}`	epss `{'score': 0.00746}`

Thu, 12 Dec 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: hikvision

Published: 2023-06-15T00:00:00

Updated: 2024-12-12T21:10:28.899Z

Reserved: 2023-03-23T00:00:00

Link: CVE-2023-28810

Vulnrichment

Updated: 2024-08-02T13:51:38.295Z

NVD

Status : Modified

Published: 2023-06-15T22:15:09.307

Modified: 2024-11-21T07:56:03.773

Link: CVE-2023-28810

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

Metrics

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object