CVE-2016-7836
Published: 09 June 2017
Summary
CVE-2016-7836 is a critical-severity Improper Authentication (CWE-287) vulnerability in Skygroup Skysea Client View. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 2.8% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-17 (Remote Access) and AC-3 (Access Enforcement).
Deeper analysis
The vulnerability CVE-2016-7836 is an improper authentication flaw (CWE-287) in SKYSEA Client View version 11.221.03 and earlier. It resides in the processing of authentication on the TCP connection with the management console program and permits remote code execution.
Remote attackers can exploit the issue over the network without authentication or user interaction, achieving full compromise of confidentiality, integrity, and availability on affected systems, consistent with the CVSS 3.1 base score of 9.8.
Vendor and security advisories referenced at skyseaclientview.net/news/161221/, skygroup.jp/security-info/170308.html, and jvn.jp/en/jp/JVN84995847/index.html address patches and mitigation steps for the affected product versions. No information on observed real-world exploitation is provided in the source data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2016-8685
Vulnerability details
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
- CWE(s)
- KEV Date Added
- 14 October 2025
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly enforces authentication decisions on the management console TCP connection, blocking the unauthenticated remote code execution path described in CVE-2016-7836.
Requires secure remote-access mechanisms and authentication for the TCP management console channel that the flaw exploits.
Mandates identification and authentication of users before granting access to the affected management console service.