Hikcentral professional
This hub aggregates every CVE we track for Hikcentral professional, a product in the ics ot iot space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
1
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM2CRITICAL1
Monthly trend
0
0
0
1
0
0
0
0
0
0
0
0
1
1
0
0
0
0
0
0
0
0
1
0
2024-072026-06
Latest CVEs
The 6 most recently published vulnerabilities affecting Hikcentral professional.
- CVE-2026-1749There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.6.8
- CVE-2025-39247There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.8.6
- CVE-2025-34067Hikvision Integrated Security Management Platform Remote Command Execution via applyCT Fastjson10.0
- CVE-2024-47487There is a SQL injection vulnerability in some HikCentral Professional versions. This could allow an authenticated user to execute arbitrary SQL queries.8.8
- CVE-2024-25064Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.4.3
- CVE-2024-25063Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.7.5
Product normalization is registry-driven with AI assist and human review. How it works