CVE-2023-6096

{"id": "CVE-2023-6096", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.4}]}, "published": "2024-04-26T08:15:11.583", "references": [{"url": "https://www.hanwhavision.com/wp-content/uploads/2024/04/NVR-DVR-Vulnerability-Report-CVE-2023-6095-6096.pdf", "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "fc9afe74-3f80-4fb7-a313-e6f036a89882", "description": [{"lang": "en", "value": "CWE-668"}]}], "descriptions": [{"lang": "en", "value": "\nVladimir Kononovich, a Security Researcher has found a flaw that using a inappropriate encryption logic on the DVR. firmware encryption is broken and allows to decrypt. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.\n\n"}], "lastModified": "2024-04-26T12:58:17.720", "sourceIdentifier": "fc9afe74-3f80-4fb7-a313-e6f036a89882"}