CVE-2020-22253 : Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB

Xiongmai Technology Co devices AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2, AHB7808R-MS, AHB7808T-MS-V2, AHB7804R-LMS, and HI3518E_50H10L_S39 were all discovered to have port 9530 open which allows unauthenticated attackers to make arbitrary Telnet connections with the victim device.

Published 2022-04-06 23:15:09

Updated 2022-04-15 16:58:28

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2020-22253

Xiongmaitech » Ahb7008t-mh-v2 Firmware » Version: 4.02.r11.7601.nat.onvifc.20170420
cpe:2.3:o:xiongmaitech:ahb7008t-mh-v2_firmware:4.02.r11.7601.nat.onvifc.20170420:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7008t-mh-v2 » Version: N/A
Xiongmaitech » Ahb7804r-els Firmware » Version: 4.02.r11.nat.onvifc.20160422
cpe:2.3:o:xiongmaitech:ahb7804r-els_firmware:4.02.r11.nat.onvifc.20160422:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7804r-els » Version: N/A
Xiongmaitech » Ahb7804r-mh-v2 Firmware » Version: 4.02.r11.7601.nat.onvifc.20170424
cpe:2.3:o:xiongmaitech:ahb7804r-mh-v2_firmware:4.02.r11.7601.nat.onvifc.20170424:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7804r-mh-v2 » Version: N/A
Xiongmaitech » Ahb7808r-ms-v2 Firmware » Version: 4.02.r11.nat.onvifc.20170327
cpe:2.3:o:xiongmaitech:ahb7808r-ms-v2_firmware:4.02.r11.nat.onvifc.20170327:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7808r-ms-v2 » Version: N/A
Xiongmaitech » Ahb7808r-ms Firmware » Version: 4.02.r11.nat.onvifc.20170328
cpe:2.3:o:xiongmaitech:ahb7808r-ms_firmware:4.02.r11.nat.onvifc.20170328:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7808r-ms » Version: N/A
Xiongmaitech » Ahb7808t-ms-v2 Firmware » Version: 4.02.r11.nat.onvifc.20161205
cpe:2.3:o:xiongmaitech:ahb7808t-ms-v2_firmware:4.02.r11.nat.onvifc.20161205:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7808t-ms-v2 » Version: N/A
Xiongmaitech » Ahb7804r-lms Firmware » Version: 4.02.r11.nat.onvifc.20170301
cpe:2.3:o:xiongmaitech:ahb7804r-lms_firmware:4.02.r11.nat.onvifc.20170301:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Ahb7804r-lms » Version: N/A
Xiongmaitech » Hi3518e 50h10l S39 Firmware » Version: 4.02.r12.nat.onvifs.20170727 All
cpe:2.3:o:xiongmaitech:hi3518e_50h10l_s39_firmware:4.02.r12.nat.onvifs.20170727_all:*:*:*:*:*:*:*
Matching versions
When used together with: Xiongmaitech » Hi3518e 50h10l S39 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-22253

EPSS FAQ

0.62%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 69 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-22253

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
9.8	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

References for CVE-2020-22253

http://www.xiongmaitech.com/en/index.php/news/info/12/68

Mitigation;Vendor Advisory

Jump to

Vulnerability Details : CVE-2020-22253

Products affected by CVE-2020-22253

Exploit prediction scoring system (EPSS) score for CVE-2020-22253

CVSS scores for CVE-2020-22253

References for CVE-2020-22253