CVE-2017-14263

high-risk

Published 2017-09-11

Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. The attacker can login to the device with that new user account to fully control the device.

Do I need to act?

24.4% chance of exploitation in next 30 days

EPSS score — higher than 76% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.1/10 High

NETWORK / HIGH complexity

Affected Products (7)

Enterprise Dvr Firmware

Maxpro Nvr Hybrid Xe Firmware

Maxpro Nvr Xe Firmware

Maxpro Nvr Pe Firmware

Maxpro Nvr Hybrid Se Firmware

Maxpro Nvr Se Firmware

Fusion Iv Rev C Firmware

Affected Vendors

Honeywell

References (2)

Third Party Advisory https://github.com/zzz66686/Honeywell_NVR_vul

/ 100

high-risk

Severity 24/34 · High

Exploitability 15/34 · Moderate

Exposure 14/34 · Moderate