CVE-2025-35452
CRITICAL EPSS 51.8%
Published Sep 5, 20259mo ago · Modified Jun 17, 20262w ago
9.2 CVSS 4.0
Published Sep 5, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago
Description
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X
Threat Intelligence
EPSS Exploit Probability
51.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 2
CWE-1392
CWE-798 Use of Hard-coded Credentials Authentication
Affected Products 122
| Vendor | Product | Version | Range |
|---|---|---|---|
| ptzoptics | pt12x-sdi-xx-g2_firmware | * | any |
| ptzoptics | pt12x-sdi-xx-g2 | * | any |
| ptzoptics | pt12x-ndi-xx_firmware | * | any |
| ptzoptics | pt12x-ndi-xx | * | any |
| ptzoptics | pt12x-usb-xx-g2_firmware | * | any |
| ptzoptics | pt12x-usb-xx-g2 | * | any |
| ptzoptics | pt20x-sdi-xx-g2_firmware | * | any |
| ptzoptics | pt20x-sdi-xx-g2 | * | any |
| ptzoptics | t20x-ndi-xx_firmware | * | any |
| ptzoptics | t20x-ndi-xx | * | any |
| ptzoptics | pt20x-usb-xx-g2_firmware | * | any |
| ptzoptics | pt20x-usb-xx-g2 | * | any |
| ptzoptics | pt30x-sdi-xx-g2_firmware | * | any |
| ptzoptics | pt30x-sdi-xx-g2 | * | any |
| ptzoptics | pt30x-ndi-xx_firmware | * | any |
| ptzoptics | pt30x-ndi-xx | * | any |
| ptzoptics | pt12x-zcam_firmware | * | any |
| ptzoptics | pt12x-zcam | * | any |
| ptzoptics | pt20x-zcam_firmware | * | any |
| ptzoptics | pt20x-zcam | * | any |
| ptzoptics | ptvl-zcam_firmware | * | any |
| ptzoptics | ptvl-zcam | * | any |
| ptzoptics | pteptz-zcam-g2_firmware | * | any |
| ptzoptics | pteptz-zcam-g2 | * | any |
| ptzoptics | pteptz-ndi-zcam-g2 | * | any |
| ptzoptics | pteptz-ndi-zcam-g2 | * | any |
| ptzoptics | pt12x-4k-xx-g3_firmware | * | ≤0.0.58 |
| ptzoptics | pt12x-4k-xx-g3 | * | any |
| ptzoptics | pt20x-4k-xx-g3_firmware | * | ≤0.0.85 |
| ptzoptics | pt20x-4k-xx-g3 | * | any |
| ptzoptics | pt30x-4k-xx-g3_firmware | * | ≤2.0.64 |
| ptzoptics | pt30x-4k-xx-g3 | * | any |
| ptzoptics | pt12x-link-4k-xx_firmware | * | ≤0.0.63 |
| ptzoptics | pt12x-link-4k-xx | * | any |
| ptzoptics | pt20x-link-4k-xx_firmware | * | ≤0.0.89 |
| ptzoptics | pt20x-link-4k-xx | * | any |
| ptzoptics | pt30x-link-4k-xx_firmware | * | ≤2.0.71 |
| ptzoptics | pt30x-link-4k-xx | * | any |
| ptzoptics | pt12x-se-xx-g3_firmware | * | ≤9.1.43 |
| ptzoptics | pt12x-se-xx-g3 | * | any |
| ptzoptics | pt20x-se-xx-g3_firmware | * | ≤9.1.32 |
| ptzoptics | pt20x-se-xx-g3 | * | any |
| ptzoptics | pt30x-se-xx-g3_firmware | * | ≤9.1.33 |
| ptzoptics | pt30x-se-xx-g3 | * | any |
| ptzoptics | pt-studiopro_firmware | * | ≤9.0.41 |
| ptzoptics | pt-studiopro | * | any |
| ptzoptics | vl_fixed_camera_firmware | * | ≤7.2.94 |
| ptzoptics | vl_fixed_camera | * | any |
| ptzoptics | ndi_fixed_camera_firmware | * | ≤7.2.94 |
| ptzoptics | ndi_fixed_camera | * | any |
| multicam-systems | mcamii_ptz_firmware | * | any |
| multicam-systems | mcamii_ptz | * | any |
| smtav | ba30s_firmware | * | any |
| smtav | ba30s | * | any |
| smtav | ba20s_firmware | * | any |
| smtav | ba20s | * | any |
| smtav | bv20s_firmware | * | any |
| smtav | bv20s | * | any |
| smtav | bx30s_firmware | * | any |
| smtav | bx30s | * | any |
| smtav | bx20n_firmware | * | any |
| smtav | bx20n | * | any |
| smtav | bx20uhd-n_firmware | * | any |
| smtav | bx20uhd-n | * | any |
| smtav | bx20uhd_firmware | * | any |
| smtav | bx20uhd | * | any |
| smtav | ba30-n_firmware | * | any |
| smtav | ba30-n | * | any |
| smtav | ba20-n_firmware | * | any |
| smtav | ba20-n | * | any |
| smtav | ba12-n_firmware | * | any |
| smtav | ba12-n | * | any |
| smtav | hd17h-n_firmware | * | any |
| smtav | hd17h-n | * | any |
| smtav | bx20s-sh_firmware | * | any |
| smtav | bx20s-sh | * | any |
| smtav | hd17h_firmware | * | any |
| smtav | hd17h | * | any |
| smtav | bv30s_firmware | * | any |
| smtav | bv30s | * | any |
| smtav | ba12s_firmware | * | any |
| smtav | ba12s | * | any |
| valuehd | vx90_firmware | * | any |
| valuehd | vx90 | * | any |
| valuehd | vx720l_firmware | * | any |
| valuehd | vx720l | * | any |
| valuehd | vx752ag_firmware | * | any |
| valuehd | vx752ag | * | any |
| valuehd | vx752a_firmware | * | any |
| valuehd | vx752a | * | any |
| valuehd | vx751ba_firmware | * | any |
| valuehd | vx751ba | * | any |
| valuehd | vx630al_firmware | * | any |
| valuehd | vx630al | * | any |
| valuehd | vx61asl_firmware | * | any |
| valuehd | vx61asl | * | any |
| valuehd | vx61basl_firmware | * | any |
| valuehd | vx61basl | * | any |
| valuehd | vx60asl_firmware | * | any |
| valuehd | vx60asl | * | any |
| valuehd | vx61al_firmware | * | any |
| valuehd | vx61al | * | any |
| valuehd | vx60al_firmware | * | any |
| valuehd | vx60al | * | any |
| valuehd | vx701ra_firmware | * | any |
| valuehd | vx701ra | * | any |
| valuehd | vx701ta_firmware | * | any |
| valuehd | vx701ta | * | any |
| valuehd | vx800i2_firmware | * | any |
| valuehd | vx800i2 | * | any |
| valuehd | v61w_firmware | * | any |
| valuehd | v61w | * | any |
| valuehd | v63xl_firmware | * | any |
| valuehd | v63xl | * | any |
| valuehd | v60xl_firmware | * | any |
| valuehd | v60xl | * | any |
| valuehd | vx70uvs_firmware | * | any |
| valuehd | vx70uvs | * | any |
| valuehd | vx71uvs_firmware | * | any |
| valuehd | vx71uvs | * | any |
| valuehd | v71uvs_firmware | * | any |
| valuehd | v71uvs | * | any |
References 5
- github.com https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json
- cisa.gov https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10
- cve.org https://www.cve.org/CVERecord?id=CVE-2025-35452
- greynoise.io https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai
- labs.greynoise.io https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/
Remediation
- github.com https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json