CVE-2025-12063

Summary

An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions.

Affected Software

VendorProductVersion RangeStatus
Axis Communications ABAXIS Camera Station Pro6 < 6.14affected

Weaknesses

  • CWE-639: CWE-639: Authorization Bypass Through User-Controlled Key

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References