Security Alert: Hikvision HikCentral Vulnerabilities

THREAT SUMMARY

Hikvision has officially disclosed three significant vulnerabilities impacting various versions of its HikCentral products (HikCentral Master Lite, FocSign, and Professional).

  • CVE-2025-39247 (Critical, CVSS 8.6): Affects HikCentral Professional V2.3.1–V2.6.2 and V3.0.0. Allows unauthenticated remote attackers to gain full admin access due to missing authentication checks.
  • CVE-2025-39246 (CVSS 5.3): Affects FocSign V1.4.0–V2.2.0. Unquoted service path vulnerability.
  • CVE-2025-39245 (CVSS 4.7): Affects Master Lite V2.2.1–V2.3.2. CSV injection issue.

WHY IT MATTERS: Exploitation of CVE-2025-39247 could allow attackers to control surveillance, access control, and alarm systems, potentially disabling or manipulating critical security infrastructure.

REQUIRED ACTIONS:

  • Upgrade immediately – Professional → V2.6.3 / V3.0.1; Master Lite → V2.4.0; FocSign → V2.3.0.
  • Obtain patches via Hikvision Security Response Center (HSRC).
  • Restrict and monitor network/API access until patched.
  • Validate fixes with post-patch security testing.

Immediate patching is strongly recommended.
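
An added example (not from Hikvision or the original alert): a Python triage helper that checks an installed-version inventory against the affected ranges and fixed releases listed above. The inventory rows, the status names, and the rule of pointing each affected install at the lowest fixed release above it are assumptions.

```python
import re

# Affected ranges (inclusive) and fixed releases, copied from the advisory above.
ADVISORY = {
    "professional": ("CVE-2025-39247", [("2.3.1", "2.6.2"), ("3.0.0", "3.0.0")], ["2.6.3", "3.0.1"]),
    "focsign": ("CVE-2025-39246", [("1.4.0", "2.2.0")], ["2.3.0"]),
    "master lite": ("CVE-2025-39245", [("2.2.1", "2.3.2")], ["2.4.0"]),
}

def parse_version(text):
    """Parse 'V2.6.2', 'v3.0' or '2.6.2 build 7' into a 3-int tuple."""
    m = re.match(r"\s*[vV]?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    # Keep major.minor.patch only, so 2.6.2.1 is still judged as 2.6.2 (conservative).
    parts = [int(p) for p in m.group(1).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(product, version):
    """Return (status, cve, upgrade_target) for one installation."""
    key = product.lower().replace("hikcentral", "").strip()
    if key not in ADVISORY:
        return ("unknown-product", None, None)
    cve, ranges, fixed = ADVISORY[key]
    try:
        v = parse_version(version)
    except ValueError:
        return ("unparseable-version", cve, None)
    fixed_v = sorted(parse_version(f) for f in fixed)
    for low, high in ranges:
        if parse_version(low) <= v <= parse_version(high):
            # Assumption: upgrade to the lowest fixed release above the install.
            target = next(f for f in fixed_v if f > v)
            return ("affected", cve, "V" + ".".join(map(str, target)))
    # Assumption: releases later than every fixed release also carry the fix.
    if v in fixed_v or v > fixed_v[-1]:
        return ("patched", cve, None)
    # Not in a listed range and not a known fixed release: advisory is silent.
    return ("not-listed", cve, None)

INVENTORY = [  # constructed sample rows; hosts and versions are made up
    ("vms-01", "HikCentral Professional", "V2.6.2"),
    ("vms-02", "HikCentral Professional", "V3.0.1"),
    ("sign-01", "FocSign", "2.2.5"),
    ("lite-01", "HikCentral Master Lite", "v2.3"),
]

def triage_inventory(rows):
    return {host: triage(product, version) for host, product, version in rows}
```

A "not-listed" result means the version falls outside the ranges the advisory names; treat it as unverified rather than safe and confirm with HSRC.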


