Skip to main content

Industrial HiVision v06.0.09 released - News / Software Products - Hirschmann Support Center

JUL 6 2018

Industrial HiVision v06.0.09 released

Security Vulnerability Corrected in version 06.0.09


Regarding the Java vulnerability CVE-2017-7525, Jackson-databind: deserialization vulnerability via readValue method of ObjectMapper. The Jackson libraries have been replaced and the vulnerability is corrected in this release.

Regarding the Java vulnerability CVE-2018-2794, for Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17, the JRockit component of the Oracle Java SE Security subcomponent: Successful attacks require human interaction from another person who is logon the network. This vulnerability was exploited through sandboxed Java Web Start applications and sandboxed Java applets. The vulnerability has been corrected in this release.

Regarding the Java vulnerability CVE-2018-2783, Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17: The vulnerability allowed unauthenticated attack with network access through multiple protocols to compromise Java SE, Java SE Embedded, and JRockit. This vulnerability was exploited through sandboxed Java Web Start applications and sandboxed Java applets. The vulnerability has been corrected in this release.


Fixes in version 06.0.09

  • Connections between two devices, e.g. switch to switch, or switch to PC, displayed incorrect load.


New features in version 06.0.09

  • New devices:
    • EAGLEONE-SM-TX