CVE-2025-5718

MEDIUM EPSS 21.9%

Published Nov 11, 20257mo ago · Modified Jun 17, 20261w ago

6.8 CVSS 3.1

Medium

Published Nov 11, 2025 7mo ago

Last Modified Jun 17, 2026 1w ago

Description

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.

CVSS Details

Base Score

6.8

Exploitability

0.9

Impact

5.9

Vector string

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required High

User Interaction Required

Scope Unchanged

Confidentiality High

Integrity High

Availability High

Threat Intelligence

EPSS Exploit Probability

21.9% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-59

Affected Products 233

Vendor	Product	Version	Range
axis	axis_os	*	≥12.0.0 – <12.6.30
axis	a1210_\(-b\)	*	any
axis	a1214	*	any
axis	a1601	*	any
axis	a1610_\(-b\)	*	any
axis	a1710-b	*	any
axis	a1810-b	*	any
axis	a8207-ve_mk_ii	*	any
axis	c1110-e	*	any
axis	c1111-e	*	any
axis	c1210-e	*	any
axis	c1211-e	*	any
axis	c1310-e_mk_ii	*	any
axis	c1410_mk_ii	*	any
axis	c1510	*	any
axis	c1511	*	any
axis	c1610-ve	*	any
axis	c1710	*	any
axis	c1720	*	any
axis	c6110	*	any
axis	c8110	*	any
axis	c8210	*	any
axis	d1110	*	any
axis	d201-s_xpt_q6075	*	any
axis	d2110-ve	*	any
axis	d2210-ve	*	any
axis	d3110_mk_ii	*	any
axis	d4100-ve_mk_ii	*	any
axis	d4200-ve	*	any
axis	d6310	*	any
axis	excam_xf_q1785	*	any
axis	excam_xpt_q6075	*	any
axis	f9104-b_main_unit	*	any
axis	f9104-b_mk_ii_main_unit	*	any
axis	f9111-r_mk_ii_main_unit	*	any
axis	f9111_main_unit	*	any
axis	f9111_mk_ii_main_unit	*	any
axis	f9114-b-r_mk_ii_main_unit	*	any
axis	f9114-b_main_unit	*	any
axis	f9114-bt	*	any
axis	f9114_main_unit	*	any
axis	fa51	*	any
axis	fa51-b	*	any
axis	fa54	*	any
axis	i7010-safety	*	any
axis	i7010-ve	*	any
axis	i7020	*	any
axis	i8016-lve	*	any
axis	i8116-e	*	any
axis	i8307-ve	*	any
axis	m1055-l	*	any
axis	m1075-l	*	any
axis	m1135	*	any
axis	m1135-e_mk_ii	*	any
axis	m1137	*	any
axis	m1137-e_mk_ii	*	any
axis	m2035-le	*	any
axis	m2036-le	*	any
axis	m3057-plr_mk_ii	*	any
axis	m3085-v	*	any
axis	m3086-v	*	any
axis	m3086-v_mic	*	any
axis	m3088-v	*	any
axis	m3125-lve	*	any
axis	m3126-lve	*	any
axis	m3128-lve	*	any
axis	m3215-lve	*	any
axis	m3216-lve	*	any
axis	m3905-r	*	any
axis	m4215-lv	*	any
axis	m4215-v	*	any
axis	m4216-lv	*	any
axis	m4216-v	*	any
axis	m4218-lv	*	any
axis	m4218-v	*	any
axis	m4225-lve	*	any
axis	m4227-lve	*	any
axis	m4228-lve	*	any
axis	m4308-ple	*	any
axis	m4317-plr	*	any
axis	m4317-plve	*	any
axis	m4318-plr	*	any
axis	m4318-plve	*	any
axis	m4327-p	*	any
axis	m4328-p	*	any
axis	m5000	*	any
axis	m5000-g	*	any
axis	m5074	*	any
axis	m5075	*	any
axis	m5075-g	*	any
axis	m5526-e	*	any
axis	m7104	*	any
axis	m7116	*	any
axis	p1245_mk_ii	*	any
axis	p1265_mk_ii	*	any
axis	p1275_mk_ii	*	any
axis	p1385	*	any
axis	p1385-b	*	any
axis	p1385-be	*	any
axis	p1385-e	*	any
axis	p1387	*	any
axis	p1387-b	*	any
axis	p1387-be	*	any
axis	p1387-le	*	any
axis	p1388	*	any
axis	p1388-b	*	any
axis	p1388-be	*	any
axis	p1388-le	*	any
axis	p1465-le	*	any
axis	p1465-le-3	*	any
axis	p1467-le	*	any
axis	p1468-le	*	any
axis	p1468-xle	*	any
axis	p1475-le	*	any
axis	p1518-e	*	any
axis	p1518-le	*	any
axis	p3265-lv	*	any
axis	p3265-lve	*	any
axis	p3265-lve-3	*	any
axis	p3265-v	*	any
axis	p3267-lv	*	any
axis	p3267-lve	*	any
axis	p3267-lve_mic	*	any
axis	p3268-lv	*	any
axis	p3268-lve	*	any
axis	p3268-slve	*	any
axis	p3275-lv	*	any
axis	p3275-lve	*	any
axis	p3277-lv	*	any
axis	p3277-lve	*	any
axis	p3278-lv	*	any
axis	p3278-lve	*	any
axis	p3285-lv	*	any
axis	p3285-lve	*	any
axis	p3287-lv	*	any
axis	p3287-lve	*	any
axis	p3288-lv	*	any
axis	p3288-lve	*	any
axis	p3735-ple	*	any
axis	p3737-ple	*	any
axis	p3738-ple	*	any
axis	p3747-plve	*	any
axis	p3748-plve	*	any
axis	p3818-pve	*	any
axis	p3827-pve	*	any
axis	p3905-r_mk_iii	*	any
axis	p3925-lre	*	any
axis	p3925-r	*	any
axis	p3935-lr	*	any
axis	p4705-plve	*	any
axis	p4707-plve	*	any
axis	p4708-plve	*	any
axis	p5654-e	*	any
axis	p5654-e_mk_ii	*	any
axis	p5655-e	*	any
axis	p5676-le	*	any
axis	p7304	*	any
axis	p7316	*	any
axis	p9117-pv	*	any
axis	q1615-le_mk_iii	*	any
axis	q1615_mk_iii	*	any
axis	q1656	*	any
axis	q1656-b	*	any
axis	q1656-be	*	any
axis	q1656-ble	*	any
axis	q1656-dle	*	any
axis	q1656-le	*	any
axis	q1686-dle	*	any
axis	q1715	*	any
axis	q1728	*	any
axis	q1728-le	*	any
axis	q1798-le	*	any
axis	q1800-le	*	any
axis	q1800-le-3	*	any
axis	q1805-le	*	any
axis	q1806-le	*	any
axis	q1808-le	*	any
axis	q1809-le	*	any
axis	q1961-te	*	any
axis	q1961-xte	*	any
axis	q1971-e	*	any
axis	q1972-e	*	any
axis	q2101-te	*	any
axis	q2111-e	*	any
axis	q2112-e	*	any
axis	q3536-lve	*	any
axis	q3538-lve	*	any
axis	q3538-slve	*	any
axis	q3546-lve	*	any
axis	q3548-lve	*	any
axis	q3556-lve	*	any
axis	q3558-lve	*	any
axis	q3626-ve	*	any
axis	q3628-ve	*	any
axis	q3819-pve	*	any
axis	q3839-pve	*	any
axis	q3839-spve	*	any
axis	q4809-pve	*	any
axis	q6020-e	*	any
axis	q6074	*	any
axis	q6074-e	*	any
axis	q6075	*	any
axis	q6075-e	*	any
axis	q6075-s	*	any
axis	q6075-se	*	any
axis	q6078-e	*	any
axis	q6135-le	*	any
axis	q6225-le	*	any
axis	q6300-e	*	any
axis	q6315-le	*	any
axis	q6318-le	*	any
axis	q6355-le	*	any
axis	q6358-le	*	any
axis	q8615-e	*	any
axis	q8752-e	*	any
axis	q8752-e_mk_ii	*	any
axis	q9307-lv	*	any
axis	s3008	*	any
axis	s3008_mk_ii	*	any
axis	s3016	*	any
axis	s4000	*	any
axis	v5925	*	any
axis	v5938	*	any
axis	w100	*	any
axis	w101	*	any
axis	w102	*	any
axis	w110	*	any
axis	w120	*	any
axis	w401	*	any
axis	xc1311	*	any
axis	xf40-q1785	*	any
axis	xfq1656	*	any
axis	xpq1785	*	any

References 1

axis.com https://www.axis.com/dam/public/3c/a4/6a/cve-2025-5718pdf-en-US-504214.pdf

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.