VDB

CVE-2024-12569

CVE-2024-12569 PUBLISHED CVSS 5.199999809265137 MEDIUM

Disclosure of sensitive information in HikVision camera driver's log file in XProtect Device Pack allows an attacker to read camera credentials stored in the Recording Server under specific conditions.

EPSS 0.14% · 33.0th percentile

Risk Scores

CVSS v4.0
5.199999809265137
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
EPSS Score
0.14%
33.0th percentile

Affected Products

VendorProductVersions
Milestone SystemsXProtect VMS0, 0

Timeline

  • Dec 19, 2024 CVE Published
  • Dec 19, 2024 PoC Published
  • Dec 19, 2024 PoC Published
  • Dec 20, 2024 EPSS Score
  • Dec 20, 2024 CVE Updated
  • Jan 5, 2025 EPSS Score
  • Jan 7, 2025 PoC Published
  • Jan 16, 2025 PoC Published
  • Jan 22, 2025 EPSS Score
  • Feb 7, 2025 EPSS Score
  • Feb 24, 2025 EPSS Score
  • Mar 12, 2025 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›