CVE-2017-20235
Published: 03 April 2026
Summary
CVE-2017-20235 is a critical-severity Improper Authentication (CWE-287) vulnerability in Prosoft-Technology Icx35-Hwc Firmware. Its CVSS base score is 9.3 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 35.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).
Deeper analysis
CVE-2017-20235 is an authentication bypass vulnerability (CWE-287) in the web user interface of ProSoft Technology ICX35-HWC cellular gateways running version 1.3 and prior. It enables unauthenticated attackers to access administrative functions without valid credentials by bypassing the authentication mechanism in affected firmware versions. The vulnerability carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), indicating high confidentiality and integrity impacts with no availability disruption.
Unauthenticated remote attackers with network access to the device's web interface can exploit this issue to gain full administrative privileges over the gateway. Successful exploitation allows attackers to modify device configuration and settings arbitrarily, potentially enabling unauthorized network access, data manipulation, or use of the gateway as a pivot for further attacks.
Mitigation guidance is detailed in the Belden Security Bulletin BSECV-2017-09 (https://assets.belden.com/m/1281cac2c9e90abf/original/Security-Bulletin-Authentication-Security-ProSoft-ICX35-BSECV-2017-09.pdf) and the VulnCheck advisory (https://www.vulncheck.com/advisories/prosoft-technology-icx35-hwc-authentication-bypass). Security practitioners should review these resources for firmware updates, patching procedures, and any recommended workarounds.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2017-18960
Vulnerability details
ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechanism in affected…
more
firmware versions to obtain full administrative access to device configuration and settings.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Auth bypass in network-accessible web admin UI directly enables remote exploitation of a public-facing application for admin access and config modification.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Flaw remediation requires timely patching of the vulnerable firmware to eliminate the authentication bypass in the web user interface.
Identification and authentication for organizational users ensures valid credentials are required before granting administrative access via the web interface.
Access enforcement mechanisms prevent unauthenticated attackers from reaching administrative functions despite the bypass vulnerability.