CVE-2022-4987

216.73.217.22

· Published 03/04/2026 21:17 · Modified 03/04/2026 21:17

Labels: CVE-2022-4987 2026-04-03 CVE-2022-4987 CWE-426 [email protected]

Essential information

Published: 03/04/2026 21:17
Modified: 03/04/2026 21:17
Author: —
Creator: —
CVSS: 7.0 HIGH (v3) 7.0 HIGH (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place a malicious binary in the execution path of a configured external application, causing it to be executed instead of the intended application. This can result in execution with elevated privileges depending on the context of the external application.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
hirschmann / industrial hivision	`cpe:2.3:a:hirschmann:industrial_hivision:<08.1.04:::::::*`
hirschmann / industrial hivision	`cpe:2.3:a:hirschmann:industrial_hivision:08.2.00:::::::*`