Identifier Title Version Last Updated

BSECV-2017-12

Vulnerability in the bundled Java Runtime Environment let's local users execute arbitrary code in Industrial HiVision, HiFusion and HiView
         
1.0

 

Aug 11, 2017

BSECV-2017-10

ProSoft ICX35 User Interface Input Validation Issue
         
1.0

 

May 8, 2017
BSECV-2017-9 ProSoft ICX35 Authentication Vulnerability
         
1.0

 

May 8, 2017
BSECV-2017-8 Belden GarrettCom MNS 6K and 10K Device Access and Security Key Vulnerabilities
         
1.0

 

May 8, 2017
BSECV-2017-3 Potential false forward of IPv4 multicast / broadcast traffic by HiLCOS Layer-2 Firewall
         
1.0

 

May 8, 2017
BSECV-2017-7 Possible Request Forgery Vulnerabilities for GECKO Devices
         
1.0

 

April 7, 2017
BSECV-2017-1 Restricted user roles may gain write access to devices managed by Industrial HiVision
         
1.0

 

Jan 6, 2017
BSECV-2016-5 Possible Information Disclosure for GECKO Devices
         
1.0

 

Dec 19, 2016
BSECV-2016-4 HiOS TCP Initial Sequence Number Predictability
         
1.0

 

Jun 6, 2016
BSECV-2016-2 Password Synchronization with SNMP v1/v2 Communities
         
1.1

 

Dec 19, 2016
BSECV-2016-1 GECKO authentication bypass
         
1.0

 

Mar 7, 2016
BSECV-2015-5 Identical SSH and SSL default keys in HiLCOS products
     
1.0

 

Dec 11, 2015
BSECV-2015-4,
CVE-2008-0960
SNMPv3 Authentication Bypass 1.0

 

Jul 10, 2015

 

BSECV-2015-3

 

Belden GarrettCom MNS 6K and 10K Security Keys, Embedded Password,
Cross-site Scripting and Web Server DOS Vulnerabilities
1.0

 

Jun 5, 2015

 

BSECV-2015-2 Earlier versions of HiView do not verify the server identity for HTTPS and SSH 1.0 Jan 21, 2015