🛡 H3lium@infosec.exchange/:~#
<p>"🚨 Critical Security Alert: HikCentral Professional Vulnerabilities Exposed 🚨"</p>
<p>Hikvision's latest advisory reveals severe vulnerabilities in HikCentral Professional, identified by Michael Dubell and Abdulazeez Omar. CVE-2024-25063 and CVE-2024-25064, with CVSS scores of 7.5 and 4.3 respectively, highlight risks of unauthorized access due to insufficient server-side validation. Users are urged to upgrade to versions above V2.5.1 for enhanced security. Stay vigilant and prioritize updating to safeguard your systems! 🛡️💻🔐</p>
<p>CVE Summaries:</p>
<ul><li>CVE-2024-25063: Attackers could exploit server validation flaws to access restricted URLs, compromising confidentiality.</li><li>CVE-2024-25064: Authenticated users could manipulate parameters to access unauthorized resources, posing a lower risk.</li></ul>
<p>Source: <a href="https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerabilities-in-hikcentral-professional/" rel="nofollow noopener" target="_blank">Hikvision Security Advisory</a></p>
<p>Tags: <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Hikvision" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hikvision</span></a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://infosec.exchange/tags/CVE2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE2024</span></a>-25063 <a href="https://infosec.exchange/tags/CVE2024" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE2024</span></a>-25064 <a href="https://infosec.exchange/tags/ServerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ServerSecurity</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/PatchManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PatchManagement</span></a> 🌍🔒💡</p>