Cyber Resilience

CVE-2017-20235

CriticalPublic PoC

Published: 03 April 2026

Published
03 April 2026
Modified
22 April 2026
KEV Added
Patch
CVSS Score v4 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0045 35.9th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2017-20235 is a critical-severity Improper Authentication (CWE-287) vulnerability in Prosoft-Technology Icx35-Hwc Firmware. Its CVSS base score is 9.3 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 35.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-2 (Identification and Authentication (Organizational Users)).

Deeper analysis

CVE-2017-20235 is an authentication bypass vulnerability (CWE-287) in the web user interface of ProSoft Technology ICX35-HWC cellular gateways running version 1.3 and prior. It enables unauthenticated attackers to access administrative functions without valid credentials by bypassing the authentication mechanism in affected firmware versions. The vulnerability carries a CVSS v3.1 base score of 9.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N), indicating high confidentiality and integrity impacts with no availability disruption.

Unauthenticated remote attackers with network access to the device's web interface can exploit this issue to gain full administrative privileges over the gateway. Successful exploitation allows attackers to modify device configuration and settings arbitrarily, potentially enabling unauthorized network access, data manipulation, or use of the gateway as a pivot for further attacks.

Mitigation guidance is detailed in the Belden Security Bulletin BSECV-2017-09 (https://assets.belden.com/m/1281cac2c9e90abf/original/Security-Bulletin-Authentication-Security-ProSoft-ICX35-BSECV-2017-09.pdf) and the VulnCheck advisory (https://www.vulncheck.com/advisories/prosoft-technology-icx35-hwc-authentication-bypass). Security practitioners should review these resources for firmware updates, patching procedures, and any recommended workarounds.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechanism in affected…

more

firmware versions to obtain full administrative access to device configuration and settings.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Auth bypass in network-accessible web admin UI directly enables remote exploitation of a public-facing application for admin access and config modification.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2017-20236Same product: Prosoft-Technology Icx35-Hwc
CVE-2025-1044Shared CWE-287
CVE-2026-1740Shared CWE-287
CVE-2026-7022Shared CWE-287
CVE-2024-13111Shared CWE-287
CVE-2026-29145Shared CWE-287
CVE-2018-25236Shared CWE-287
CVE-2024-53704Shared CWE-287
CVE-2024-57049Shared CWE-287
CVE-2025-12374Shared CWE-287

Affected Assets

prosoft-technology
icx35-hwc firmware
≤ 1.3

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation requires timely patching of the vulnerable firmware to eliminate the authentication bypass in the web user interface.

prevent

Identification and authentication for organizational users ensures valid credentials are required before granting administrative access via the web interface.

prevent

Access enforcement mechanisms prevent unauthenticated attackers from reaching administrative functions despite the bypass vulnerability.

References