CVE-2025-0324

Summary

The VAPIX Device Configuration framework allowed a privilege escalation, enabling a lower-privileged user to gain administrator privileges.

Affected Software

VendorProductVersion RangeStatus
Axis Communications ABAXIS OS11.8.0 < 11.11.140affected
Axis Communications ABAXIS OS12.0.0 < 12.3.33affected

Weaknesses

  • CWE-791: CWE-791: Incomplete Filtering of Special Elements

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References