Hirschmann Industrial HiVision Improper Authorization Vulnerability Allowing Privilege Escalation
Vulnerability
A vulnerability exists in Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00, prior to 06.0.06 and 07.0.01 respectively, that allows read-only users to gain write access to managed devices by bypassing access control. This improper authorization can be exploited through alternative interfaces such as the web interface or SNMP browser, enabling unauthorized modifications to device configurations.
Impact
Exploitation of this vulnerability could lead to unauthorized write access on devices managed by Industrial HiVision, allowing users to modify device configurations without proper permissions.
Remediation
Users can update to Hirschmann Industrial HiVision versions 06.0.06 or 07.0.01, which restore the intended access controls for restricted user roles.
