| Advisory ID | Severity | Release Date | Reported By | CVE ID |
| HSVD-2025-0050 | High | August 26, 2025 | External submission | N/A |
Overview
Hillstone Products Privilege Escalation Vulnerability. This vulnerability is caused by authentication logic defects in the system. Attackers with low permissions can upgrade the permissions to root permissions through the vulnerability and take over the system.
Affected Products & Fix Versions
| PRODUCT | AFFECTED VERSIONS | FIX VERSION |
|---|---|---|
| iSource | Versions before 2.0R14 | Version 2.0R14 |
| HSM | Versions before 5.6.8.1, Versions before 4.19.12 | Version 5.6.8.1 and Version 4.19.12 |
| HSA | Versions before 2.21.1 | Version 2.21.1 |
| CloudArmou | Versions before R5P1 | R5P1 |
Remediation & Mitigation
- Repair by upgrading the version.
Contact & Reporting
For technical support and detailed remediation guidance, contact Hillstone Networks support at +1-800-930-6707.
To report security issues in Hillstone products, email PSIRT@hillstonenet.com. Hillstone follows responsible disclosure principles and applicable regulations when handling product security incidents.
Legal notice — Without written authorization from Hillstone Networks, no organization or individual may modify, excerpt, or disseminate the content of this advisory for commercial purposes.
Recent Comments