CVE-2025-63667

HIGH EPSS 34.5%
Published Nov 12, 20257mo ago · Modified Jun 17, 20261w ago
7.5 CVSS 3.1
High
Find Similar
Published Nov 12, 2025 7mo ago
Last Modified Jun 17, 2026 1w ago

Description

Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10-20240725 allows attackers to access sensitive API endpoints without authentication.

CVSS Details

Base Score
7.5
Exploitability
3.9
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
34.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-284

Affected Products 6

VendorProductVersionRange
simicamip_camera_firmware1.16.41any
simicamip_camera*any
keviewip_camera_firmware1.14.92any
keviewip_camera*any
asecamip_camera_firmware1.14.10any
asecamip_camera*any

References 3

  • github.com https://github.com/Remenis/CVE-2025-63667
    MitigationThird Party Advisory
  • github.com https://github.com/Remenis/Vatilon_evidence/releases/download/Evidence/Vatilon_vulnerability_evidence_2025.zip
    Broken Link
  • vatilon.com https://vatilon.com/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.