Hikvision has patched a critical vulnerability affecting its Hybrid SAN and cluster storage products, the company informed customers this week.
The vendor has described the vulnerability, identified as CVE-2023-28808, as an access control flaw that can be used to gain administrator privileges by sending specially crafted messages to the targeted device.
Organizations use the impacted products to store video security data, and an attacker could access that data by exploiting the vulnerability. Hikvision stated that it is not aware of in-the-wild exploitation in a notification sent to partners, a copy of which was also shared with SecurityWeek.
Read More: Critical Vulnerability in Hikvision Storage Solutions Exposes Video Security Data
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.