CVE-2023-28810

Name: CVE-2023-28810
Creator: NVD / NIST
Published: 2023-06-15T22:15:09.307+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 4.3/10EPSS 10.40%

Last modified Jun 17, 2026

CVE-2023-28810 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.. EPSS estimates a 10.40% chance of exploitation in the next 30 days.

Description

Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network.

Metrics

CVSS 3.1

4.3/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Probability

10.40%

95.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-284

Affected Software

Vendor	Product	Versions
Hikvision	Ds-K1t804af Firmware	<= 1.4.0_build221212
Hikvision	Ds-K1t804amf Firmware	<= 1.4.0_build221212
Hikvision	Ds-K1t341am Firmware	<= 3.2.30_build221223
Hikvision	Ds-K1t341amf Firmware	<= 3.2.30_build221223
Hikvision	Ds-K1t671m Firmware	<= 3.2.30_build221223
Hikvision	Ds-K1t671mf Firmware	<= 3.2.30_build221223
Hikvision	Ds-K1t671 Firmware	<= 3.2.30_build221223
Hikvision	Ds-K1t343efwx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343efx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343ewx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343ex Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343mfwx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343mfx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343mwx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t343mx Firmware	<= 3.14.0_build230117
Hikvision	Ds-K1t341c Firmware	<= 3.3.8_build230112
Hikvision	Ds-K1t320efwx Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320efx Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320ewx Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320ex Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320mfwx Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320mfx Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320mwx Firmware	<= 3.5.0_build220706
Hikvision	Ds-K1t320mx Firmware	<= 3.5.0_build220706
Hikvision	Ds-Kh6320-Wte1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6350-Wte1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6351-Te1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6351-Wte1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6320-Le1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh63le1\(B\) Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6320-Tde1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6320-Te1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6320-Wtde1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh8520-Wte1 Firmware	<= 2.2.8_build230219
Hikvision	Ds-Kh6220-Le1 Firmware	<= 1.4.62_build220414
Hikvision	Ds-Kh9310-Wte1\(B\) Firmware	<= 2.1.76_build230204
Hikvision	Ds-Kh9510-Wte1\(B\) Firmware	<= 2.1.76_build230204

References

Timeline

Published: Jun 15, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-28810?

How severe is CVE-2023-28810?

CVE-2023-28810 has a CVSS score of 4.3/10 (MEDIUM severity). The EPSS model estimates a 10.40% probability of exploitation in the next 30 days.

How do I fix CVE-2023-28810?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-28810?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST