CVE-2025-39247: Unauthenticated Admin Access Control Vulnerability in HikCentral Professional (+ CVE-2025-39245, CVE-2025-39246)
Hikvision’s Security Response Center published advisory HSRC-202508-01 on 28 August 2025, disclosing three CVEs across HikCentral Professional, HikCentral Master Lite, and HikCentral FocSign. The most serious — CVE-2025-39247 — carries a CVSS v3.1 base score of 8.6 and allows an…