CVE-2024-2161

Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass authenticationThis issue affects Kiloview NDI N3, N3-s, N4, N20, N30, N40 and was fixed in Firmware version 2.02.0227 .

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.kiloview.com/en/support/download/1779/
https://www.kiloview.com/en/support/download/n20-firmware-download/
https://www.kiloview.com/en/support/download/n3-for-ndi/
https://www.kiloview.com/en/support/download/n3-s-firmware-download/
https://www.kiloview.com/en/support/download/n30-for-ndi/
https://www.kiloview.com/en/support/download/n40/

Configurations

No configuration.

History

21 Mar 2024, 12:58

Type	Values Removed	Values Added
Summary		(es) El uso de credenciales codificadas en Kiloview NDI permite a los usuarios no autenticados omitir la autenticación. Este problema afecta a Kiloview NDI N3, N3-s, N4, N20, N30, N40 y se solucionó en la versión de firmware 2.02.0227.

21 Mar 2024, 06:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-21 06:15

Updated : 2024-03-21 12:58

NVD link : CVE-2024-2161

Mitre link : CVE-2024-2161

CVE.ORG link : CVE-2024-2161

JSON object : View

Products Affected

No product.

CWE

CWE-798

Use of Hard-coded Credentials

9.8 /10