Hik Connect App
Monthly
Hikvision Hik-Connect App fails to enforce strict directory access permissions, allowing other locally-installed applications to read sensitive information stored by the app on the device filesystem. The vulnerability requires local access and high attack complexity but poses information disclosure risk to users with multiple apps on the same device. No public exploit or active exploitation has been identified; CVSS score of 2.9 reflects the local-only attack vector and limited confidentiality impact.
Hikvision Hik-Connect App fails to enforce strict directory access permissions, allowing other locally-installed applications to read sensitive information stored by the app on the device filesystem. The vulnerability requires local access and high attack complexity but poses information disclosure risk to users with multiple apps on the same device. No public exploit or active exploitation has been identified; CVSS score of 2.9 reflects the local-only attack vector and limited confidentiality impact.