CVE-2017-20238
Published: 03 April 2026
Summary
CVE-2017-20238 is a high-severity Improper Authorization (CWE-285) vulnerability. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 0.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Deeper analysis
CVE-2017-20238 is an improper authorization vulnerability (CWE-285) affecting Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01. The flaw enables read-only users to bypass access control mechanisms, gaining unauthorized write access to managed devices through alternative interfaces such as the web interface or SNMP browser.
The vulnerability has a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N). A low-privileged (read-only) user with network access can exploit it with low attack complexity and no user interaction required. Exploitation allows the attacker to modify configurations of managed devices, achieving high integrity impact alongside low confidentiality impact.
Advisories from Belden (Security Bulletin: Restricted User Roles Write Access HiVision 2017-01) and VulnCheck detail the issue and recommend upgrading to Hirschmann Industrial HiVision versions 06.0.06 or 07.0.01 to mitigate the vulnerability.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2017-18963
Vulnerability details
Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contain an improper authorization vulnerability that allows read-only users to gain write access to managed devices by bypassing access control mechanisms. Attackers can exploit alternative interfaces such as the web interface or SNMP browser to modify device configurations despite having restricted permissions.
- CWE(s): CWE-285
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Improper authorization (CWE-285) directly enables a low-privileged read-only user to escalate to unauthorized write access on managed devices.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Enforces approved authorizations to prevent read-only users from bypassing access controls and gaining write access to managed devices via alternative interfaces.
Applies least privilege principle to restrict read-only users from performing unauthorized write operations on managed devices.
Remediates the improper authorization vulnerability by requiring timely patching to fixed Hirschmann HiVision versions 06.0.06 or 07.0.01.