Browse all 3 CVE security advisories affecting Elsight. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Elsight provides secure video and data transmission solutions for critical operations, primarily serving defense, healthcare, and enterprise sectors with its core platform for real-time communication. Historically, the organization's products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and authentication flaws. While no major public security incidents have been widely documented, the three CVEs on record highlight persistent weaknesses in access control and secure coding practices. The company's focus on encrypted communications contrasts with its historical vulnerability profile, indicating potential areas for security improvement in its software development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-45252 | Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') — Halo version 11.7.1.5CWE-78 | 9.8 | Critical | 2024-10-06 |
| CVE-2024-45251 | Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') — Halo version 11.7.1.5CWE-78 | 9.8 | Critical | 2024-10-06 |
| CVE-2022-36784 | Elsight – Elsight Halo Remote Code Execution (RCE) — Elsight Halo | 9.8 | Critical | 2022-11-17 |
This page lists every published CVE security advisory associated with Elsight. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.