Sencore SMP100 Session Hijacking Vulnerability (CVE-2025-63226) Analysis

Critical Vulnerability Information Vulnerability Overview CVE ID: CVE-2025-63226 Product: Sencore SMP100 SMP Media Platform Affected Firmware Versions: - Mainboard Firmware Version: V4.2.160 - Decoder-CC Version: V60.1.4 - EN2SDI-2H Version: V60.1.29 - EN2SDI-2H Submodule Version: V60.1.1.0 Affected Components: - Session Management - User Management Vulnerability Details Vulnerability Type: Session Hijacking, Unrestricted User Management CWE IDs: - CWE-287: Improper Authentication - CWE-384: Session Fixation - CWE-862: Missing Authorization Impact Severity: High Description: - The Sencore SMP100 SMP Media Platform vulnerability arises from improper session management, enabling session hijacking. Attackers can access the user management endpoint within the same network without any form of authentication. - Attackers can add new users to the system, gaining unauthorized access and performing malicious operations. Attack Vector Access Method: Attacker must be on the same local network as the target Authentication Required: None (target is already logged in) Exploit Complexity: Low Proof of Concept (PoC) Exploitation Method: Session hijacking via Reproduction Steps: 1. Ensure attacker and target are on the same network 2. Ensure target device is logged in and has an active session 3. Attacker accesses the page on the target device’s management interface 4. Attacker adds a new user with full privileges, bypassing security controls 5. Attacker logs in using the newly created user credentials and performs administrative actions Remediation Recommendations Implement secure session handling to ensure session token validity Enforce access control checks Monitor session activity to detect and respond to anomalies Mitigation and Temporary Workarounds Before a patch is released, restrict access to the endpoint, allowing connections only from trusted IP addresses

Goal Reached Thanks to every supporter — we hit 100%!

Sencore SMP100 Session Hijacking Vulnerability (CVE-2025-63226) Analysis

More from this source