CVE-2020-22253
Last modified
CVE-2020-22253 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.. EPSS estimates a 1.06% chance of exploitation in the next 30 days.
Description
Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Xiongmaitech | Ahb7008t-Mh-V2 Firmware | 4.02.r11.7601.nat.onvifc.20170420 |
| Xiongmaitech | Ahb7804r-Els Firmware | 4.02.r11.nat.onvifc.20160422 |
| Xiongmaitech | Ahb7804r-Mh-V2 Firmware | 4.02.r11.7601.nat.onvifc.20170424 |
| Xiongmaitech | Ahb7808r-Ms-V2 Firmware | 4.02.r11.nat.onvifc.20170327 |
| Xiongmaitech | Ahb7808r-Ms Firmware | 4.02.r11.nat.onvifc.20170328 |
| Xiongmaitech | Ahb7808t-Ms-V2 Firmware | 4.02.r11.nat.onvifc.20161205 |
| Xiongmaitech | Ahb7804r-Lms Firmware | 4.02.r11.nat.onvifc.20170301 |
| Xiongmaitech | Hi3518e 50h10l S39 Firmware | 4.02.r12.nat.onvifs.20170727_all |
References
- http://www.xiongmaitech.com/en/index.php/news/info/12/68Mitigation, Vendor Advisory
- http://www.xiongmaitech.com/en/index.php/news/info/12/68Mitigation, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-22253?
How severe is CVE-2020-22253?
How do I fix CVE-2020-22253?
Are you affected by CVE-2020-22253?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST