CVE-2025-64770

Summary

The affected products allow unauthenticated access to Open Network Video Interface Forum (ONVIF) services, which may allow an attacker unauthorized access to camera configuration information.

Affected Software

VendorProductVersion RangeStatus
iCam365P2010 <= 43.4.0.0affected
iCam365QC0210 <= 43.4.0.0affected

Weaknesses

  • CWE-306: CWE-306

Workarounds

iCam365 did not respond to CISA's request for coordination. Contact iCam365 https://icam365.net/en/aboutUs/  directly for more information.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References