CVE-2025-39247

HIGH

HikCentral Professional - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks one public exploit for CVE-2025-39247, a PoC published by Sita-Technologies.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2025-39247, targeting HikCentral Professional. The exploit uses a pre-authentication endpoint to leak the ActiveCode, which lets an attacker reset the admin password without authenticating.

Description

An access control vulnerability exists in some HikCentral Professional versions. It could allow an unauthenticated user to obtain admin permissions.

Exploits (1)

nomisec WORKING POC
by Sita-Technologies · poc
https://github.com/Sita-Technologies/CVE-2025-39247

Classification: Working PoC, 100%
Attack type: Auth bypass
Complexity: Moderate
Reliability: Reliable
Target: HikCentral Professional (HCMP) V2.3.1 - V2.6.2, V3.0.0
Authentication: none needed
Prerequisites: Target must have at least one license activated · Network access to the target system
Analysis: devstral-2, May 22, 2026

Scores

CVSS v3.1 base score: 8.6 (HIGH)
EPSS: 0.0051
EPSS percentile: 39.3%
Attack vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

CISA SSVC (Vulnrichment)

Exploitation: none (this value does not reflect the public PoC tracked above)
Automatable: yes
Technical impact: partial

Details

CWE: CWE-284 (Improper Access Control)
Status: published
Products (2):
Hikvision / HikCentral Professional, version V3.0.0
Hikvision / HikCentral Professional, versions between V2.3.1 and V2.6.2
Published: Aug 29, 2025
Tracked since: Feb 18, 2026
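To turn the product list above into an inventory check, here is an added Python example (not from this page, EIP, or Hikvision). It assumes the page's ranges are inclusive and that version strings look like V2.6.2, optionally with a suffix after the third component; the inventory rows are constructed sample data, not real hosts. Versions are compared numerically, so a hypothetical V2.6.10 is not mistaken for a release below V2.6.2 the way a plain string compare would; a True result only says the version is in a listed range, and the PoC's prerequisite of at least one activated license must be checked separately.

```python
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Affected versions as listed on this page. Inclusive bounds are an assumption:
# the page says "between V2.3.1 and V2.6.2" without stating inclusivity.
AFFECTED_RANGES: List[Tuple[Version, Version]] = [
    ((2, 3, 1), (2, 6, 2)),
    ((3, 0, 0), (3, 0, 0)),
]

# Assumed version format: optional 'V', three dotted integers, then an optional
# non-numeric suffix (build tag) that is ignored for the range comparison.
_VERSION_RE = re.compile(r"^[vV]?(\d+)\.(\d+)\.(\d+)(?:[^\d].*)?$")


def parse_version(text: str) -> Optional[Version]:
    """'V2.6.2' / '2.6.2' / 'V2.6.2_build' -> (2, 6, 2); None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def is_affected(text: str) -> Optional[bool]:
    """True if in a listed range, False if not, None if the string is unparseable."""
    v = parse_version(text)
    if v is None:
        return None
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def string_compare_is_affected(text: str) -> bool:
    """Deliberately naive lexical comparison, kept only to show the V2.6.10 pitfall."""
    v = text.strip().lstrip("vV")
    return "2.3.1" <= v <= "2.6.2" or v == "3.0.0"


# Constructed sample inventory; hostnames and versions are made up for the example.
SAMPLE_INVENTORY = [
    ("hcp-01.corp.example", "V2.6.2"),
    ("hcp-02.corp.example", "V2.6.10"),
    ("hcp-03.corp.example", "V3.0.0"),
    ("hcp-04.corp.example", "V2.2.9"),
    ("hcp-05.corp.example", "3.0.1"),
    ("hcp-06.corp.example", "unknown"),
]


def triage(inventory) -> Dict[str, Optional[bool]]:
    """Map each host to its affected status so unparseable entries stay visible."""
    return {host: is_affected(ver) for host, ver in inventory}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        label = {True: "AFFECTED", False: "not affected", None: "version unknown"}[status]
        print(f"{host}: {label}")
    print("naive string compare flags V2.6.10:", string_compare_is_affected("V2.6.10"))
```

Hosts reporting an unparseable version come back as None rather than False, so they are not silently dropped from the list of systems that still need a manual version check.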