Skip to main content
Back to Hanwha Vision Tech Support Portal

Spring4Shell Spring Core RCE-0 Day Vulnerability in JDK 9+

  • Updated

Applies to Models: All Hanwha Camera, Recorders, WAVE, Wisenet SKY, OSSA camera, and SSM

Summary

All Hanwha cameras, recorders, WAVE, Wisenet SKY, OSSA cameras, and SSM have no vulnerability found on the Spring4Shell Framework CVE-2022-22965 (Spring4Shell), CVE-2022-22963 Vulnerability.

Vulnerability Status

  • Hanwha cameras and recorders do not use Java Framework, there is no vulnerability found.

  • All Wisenet WAVE services including WAVE Sync, do not use Java Framework thus there is no vulnerability found.

  • Wisenet SKY, Eagle Eye Networks checked with Ops, and our scans report CLEAN. No vulnerability found. Wisenet SKY is not affected by Spring4Shell vulnerability.

  • OSSA Camera, Azuna OS does not use Spring Framework thus it does not have this vulnerability. A related Spring library (passay) referenced code was found but this could work only if there was the Spring framework.

Related articles