High severity8.1NVD Advisory· Published Apr 30, 2018· Updated Jun 17, 2026
CVE-2018-7891
CVE-2018-7891
Description
The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+, Essential+) 2016 R1 (10.0.a) to 2018 R1 (12.1a) contains .NET Remoting endpoints that are vulnerable to deserialization attacks resulting in remote code execution.
Affected products
1- Range: 2016 R1 (10.0.a) - 2018 R1 (12.1a)
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/104120nvdThird Party AdvisoryVDB Entry
- cert-portal.siemens.com/productcert/pdf/ssa-457058.pdfnvdMitigationThird Party Advisory
- supportcommunity.milestonesys.com/s/article/XProtect-VMS-NET-security-vulnerability-hotfixes-for-2016-R1-2018-R1nvdVendor Advisory
News mentions
0No linked articles in our index yet.