Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-9528

EPSS 0.18% · P39
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-9528

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Shenzhen Hichip Vision Technology Firmware 加密问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Shenzhen Hichip Vision Technology Firmware是中国深圳海芯威视(Shenzhen Hichip Vision)公司的一款用于物联网设备中的固件。 Shenzhen Hichip Vision Technology Firmware V6版本至V20版本中存在加密问题漏洞。远程攻击者可利用该漏洞访问用户会话数据。以下厂商受到影响:Accfly;Alptop;Anlink;Besdersec;BOAVISION;COOAU;CPVAN;Ctronics;D3D Secu
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2020-9528

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-9528

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-08-10 · 20 CVEs total

CVE-2020-17478Perl Crypt::Perl 安全漏洞
CVE-2020-6145ERPNext SQL注入漏洞
CVE-2020-6070fsck.f2fs 安全漏洞
CVE-2020-8229Nextcloud Desktop Client 资源管理错误漏洞
CVE-2020-8224Nextcloud Desktop Client 代码注入漏洞
CVE-2020-9525CS2 Network P2P 信任管理问题漏洞
CVE-2020-9526CS2 Network P2P 信息泄露漏洞
CVE-2020-9527Shenzhen Hichip Vision Technology Firmware 安全漏洞
CVE-2020-9529Shenzhen Hichip Vision Technology Firmware 安全漏洞
CVE-2020-17476Mibew Messenger 跨站脚本漏洞
CVE-2020-16278Carson&SAINT SAINT Security Suite 跨站脚本漏洞
CVE-2020-9243Huawei Mate 30 安全漏洞
CVE-2020-9078Huawei FusionCompute 安全漏洞
CVE-2020-17479Json Pattern Validator 输入验证错误漏洞
CVE-2020-9245Huawei P30和P30 Pro 授权问题漏洞
CVE-2020-17480Tiny Technologies TinyMCE 跨站脚本漏洞
CVE-2020-16275Carson&SAINT SAINT Security Suite 跨站脚本漏洞
CVE-2020-16276Carson&SAINT SAINT Security Suite SQL注入漏洞
CVE-2020-16277Carson&SAINT SAINT Security Suite SQL注入漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2020-9528

No comments yet

Leave a comment