CVE-2023-6096

{"id": "CVE-2023-6096", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.4}]}, "published": "2024-04-26T08:15:11.583", "references": [{"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf", "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"}, {"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "\nVladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.\n\n"}, {"lang": "es", "value": "Vladimir Kononovich, un investigador de seguridad, encontr\u00f3 una falla que implica el uso de una l\u00f3gica de cifrado inapropiada en el DVR. El cifrado del firmware est\u00e1 roto y permite descifrarlo. El fabricante ha publicado un parche de firmware para la falla; consulte el informe del fabricante para obtener detalles y soluciones alternativas."}], "lastModified": "2024-11-21T08:43:07.640", "sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882"}