{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6096", "assignerOrgId": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "state": "PUBLISHED", "assignerShortName": "Hanwha_Vision", "dateReserved": "2023-11-13T09:07:04.294Z", "datePublished": "2024-04-26T07:16:12.080Z", "dateUpdated": "2024-08-02T08:21:17.318Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "HRX-1620", "vendor": "Hanwha Vision Co., Ltd.", "versions": [{"status": "affected", "version": "3.05.62 and prior versions"}]}], "datePublic": "2024-04-26T07:08:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n\n<div><div>Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.</div><br></div>\n\n"}], "value": "\nVladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-668", "description": "CWE-668 Exposure of Resource to Wrong Sphere", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "shortName": "Hanwha_Vision", "dateUpdated": "2024-04-26T07:16:12.080Z"}, "references": [{"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf"}], "source": {"discovery": "UNKNOWN"}, "title": "using a inappropriate encryption logic", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6096", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-26T16:12:56.278086Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2011:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2011", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2011:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2011", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2011a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2011a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-3010a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-3010a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:arn-3250:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "arn-3250", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-810s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-810s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-410s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-410s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-810:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-810", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-410:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-410", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-1621:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-1621", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-1620:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-1620", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-821:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-821", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-820:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-820", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-421:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-421", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-420:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-420", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-420s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-420s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-430s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-430s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-430s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-430s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:16:54.886Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.318Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:21:17.318Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6096", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-26T16:12:56.278086Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2011:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2011", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2010a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2010a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2011:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2011", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:hanwhavision:xrn-2011a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-2011a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-3010a:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-3010a", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:arn-3250:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "arn-3250", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-810s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-810s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-410s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-410s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-810:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-810", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-410:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-410", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-1621:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-1621", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-1620:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-1620", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-821:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-821", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-820:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-820", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-421:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-421", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:hrx-420:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "hrx-420", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:xrn-420s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "xrn-420s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-430s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-430s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:hanwhavision:qrn-430s:*:*:*:*:*:*:*:*"], "vendor": "hanwhavision", "product": "qrn-430s", "versions": [{"status": "affected", "version": "*"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-26T16:56:06.922Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "using a inappropriate encryption logic", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hanwha Vision Co., Ltd.", "product": "HRX-1620", "versions": [{"status": "affected", "version": "3.05.62 and prior versions"}], "defaultStatus": "unaffected"}], "datePublic": "2024-04-26T07:08:00.000Z", "references": [{"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "\nVladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.\n\n", "supportingMedia": [{"type": "text/html", "value": "\n\n<div><div>Vladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.</div><br></div>\n\n", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-668", "description": "CWE-668 Exposure of Resource to Wrong Sphere"}]}], "providerMetadata": {"orgId": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "shortName": "Hanwha_Vision", "dateUpdated": "2024-04-26T07:16:12.080Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6096", "state": "PUBLISHED", "dateUpdated": "2024-08-02T08:21:17.318Z", "dateReserved": "2023-11-13T09:07:04.294Z", "assignerOrgId": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "datePublished": "2024-04-26T07:16:12.080Z", "assignerShortName": "Hanwha_Vision"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "\nVladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.\n\n"}, {"lang": "es", "value": "Vladimir Kononovich, un investigador de seguridad, encontr\u00f3 una falla que implica el uso de una l\u00f3gica de cifrado inapropiada en el DVR. El cifrado del firmware est\u00e1 roto y permite descifrarlo. El fabricante ha publicado un parche de firmware para la falla; consulte el informe del fabricante para obtener detalles y soluciones alternativas."}], "id": "CVE-2023-6096", "lastModified": "2024-04-26T12:58:17.720", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "type": "Secondary"}]}, "published": "2024-04-26T08:15:11.583", "references": [{"source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf"}], "sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-668"}], "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "type": "Secondary"}]}

{}