There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
History

Sun, 31 Aug 2025 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Hikvision
Hikvision hikcentral Professional
Vendors & Products Hikvision
Hikvision hikcentral Professional

Fri, 29 Aug 2025 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 29 Aug 2025 02:30:00 +0000

Type Values Removed Values Added
Description There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.
References
Metrics cvssV3_1

{'score': 8.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: hikvision

Published:

Updated: 2025-08-29T13:32:18.140Z

Reserved: 2025-04-16T05:37:51.248Z

Link: CVE-2025-39247

cve-icon Vulnrichment

Updated: 2025-08-29T13:32:06.644Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-08-29T03:15:39.050

Modified: 2025-08-29T16:24:29.730

Link: CVE-2025-39247

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-08-31T08:41:40Z