{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T03:58:55.838","vulnerabilities":[{"cve":{"id":"CVE-2020-6960","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-01-22T15:15:11.617","lastModified":"2026-06-17T03:24:01.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch contain an SQL injection vulnerability that could give an attacker remote unauthenticated access to the web user interface with administrator-level privileges."},{"lang":"es","value":"Las siguientes versiones de MAXPRO VMS y NVR, MAXPRO VMS: HNMSWVMS anterior a Versión VMS560 Build 595 T2-Patch, HNMSWVMSLT anterior a Versión VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE anterior a Versión NVR 5.6 Build 595 T2-Patch , MAXPRO NVR SE anterior a Versión NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE anterior a Versión NVR 5.6 Build 595 T2-Patch y MPNVRSWXX anterior a Versión NVR 5.6 Build 595 T2-Patch, contienen una vulnerabilidad de inyección SQL que podría otorgar a un atacante un acceso no autenticado remoto en la interfaz de usuario web con privilegios de nivel de administrador."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"n/a","product":"Honeywell Maxpro VMS & NVR","versions":[{"version":"The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:honeywell:maxpro_nvr_xe_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.6","matchCriteriaId":"3579248D-B193-408E-B01D-29DBF9A04FA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:honeywell:maxpro_nvr_xe:-:*:*:*:*:*:*:*","matchCriteriaId":"865A4620-2861-4D0F-A1DE-F64FD6D5ACC6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:honeywell:maxpro_nvr_se_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.6","matchCriteriaId":"BFB41A69-FDB4-4F61-A4E0-6B7A4B1C32DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:honeywell:maxpro_nvr_se:-:*:*:*:*:*:*:*","matchCriteriaId":"9AE36368-5954-4F85-B497-3020D901A78C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:honeywell:maxpro_nvr_pe_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.6","matchCriteriaId":"EF2AA431-D69C-4758-8C3E-DA1A4B3C35F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:honeywell:maxpro_nvr_pe:-:*:*:*:*:*:*:*","matchCriteriaId":"3D4BF9BE-9DC7-4CE4-BC26-828C16F20841"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:honeywell:mpnvrswxx_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.6","matchCriteriaId":"605363C6-B2E1-431C-A9BF-962584AD6BA0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:honeywell:mpnvrswxx:-:*:*:*:*:*:*:*","matchCriteriaId":"3807A99C-73FE-4DED-97E4-1D5D513D770D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:honeywell:hnmswvms_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"vms560","matchCriteriaId":"A15E7797-47FE-4CC9-83D0-3CB0CAAFEA7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:honeywell:hnmswvms:-:*:*:*:*:*:*:*","matchCriteriaId":"3C1552CB-74A5-4ABE-AB84-EF66C6AC8056"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:honeywell:hnmswvmslt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"vms560","matchCriteriaId":"4EA010E5-0276-44DC-BFD6-A133FB097690"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:honeywell:hnmswvmslt:-:*:*:*:*:*:*:*","matchCriteriaId":"B39F40EB-AB3C-4C0F-81AF-86FA12C8EBC4"}]}]}],"references":[{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-021-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-021-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}