Search criteria
2 vulnerabilities found for PT30X-LINK-4K-xx by PTZOptics
CVE-2025-35451 (GCVE-0-2025-35451)
Vulnerability from cvelistv5 – Published: 2025-09-05 17:43 – Updated: 2025-09-08 18:08
VLAI?
Title
Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled
Summary
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PTZOptics | PT12X-SE-xx-G3 |
Affected:
0 , < 9.1.43
(custom)
Unaffected: 9.1.43 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T18:08:16.124259Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T18:08:29.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PT12X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.43",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.43"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.63",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.63"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.32",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.32"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.89",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.89"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT-STUDIOPRO",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.0.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.33",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.33"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "2.0.71",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0.71"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-STUDIO-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.90"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-STUDIO-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.90"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.70",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.70"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-USB-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.2.88",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.88"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.27",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.27"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "SMTAV",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.43",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.43"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "multiCAM Systems",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"product": "VL Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.94",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.94"
}
]
},
{
"defaultStatus": "unknown",
"product": "12x Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.85",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.85"
}
]
},
{
"defaultStatus": "unknown",
"product": "20x Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.94",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.94"
}
]
},
{
"defaultStatus": "unknown",
"product": "EPTZ Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.89",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.89"
}
]
},
{
"defaultStatus": "unknown",
"product": "HC-EPTZ-NDI",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.2.14"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.58",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.58"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.85",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.85"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-USB-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.2.81",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.81"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "2.0.64",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0.64"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "ValueHD",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"datePublic": "2025-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-35451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T17:57:46.995811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T17:58:14.754Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10"
},
{
"name": "url",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35451"
},
{
"name": "url",
"url": "https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/"
},
{
"name": "url",
"url": "https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai"
}
],
"title": "Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-35451",
"datePublished": "2025-09-05T17:43:53.108Z",
"dateReserved": "2025-04-15T20:57:14.282Z",
"dateUpdated": "2025-09-08T18:08:29.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-35451 (GCVE-0-2025-35451)
Vulnerability from nvd – Published: 2025-09-05 17:43 – Updated: 2025-09-08 18:08
VLAI?
Title
Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled
Summary
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PTZOptics | PT12X-SE-xx-G3 |
Affected:
0 , < 9.1.43
(custom)
Unaffected: 9.1.43 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T18:08:16.124259Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T18:08:29.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PT12X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.43",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.43"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.63",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.63"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.32",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.32"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.89",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.89"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT-STUDIOPRO",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.0.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.33",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.33"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "2.0.71",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0.71"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-STUDIO-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.90"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-STUDIO-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.90"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.70",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.70"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-USB-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.2.88",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.88"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.27",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.27"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "SMTAV",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.43",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.43"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "multiCAM Systems",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"product": "VL Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.94",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.94"
}
]
},
{
"defaultStatus": "unknown",
"product": "12x Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.85",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.85"
}
]
},
{
"defaultStatus": "unknown",
"product": "20x Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.94",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.94"
}
]
},
{
"defaultStatus": "unknown",
"product": "EPTZ Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.89",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.89"
}
]
},
{
"defaultStatus": "unknown",
"product": "HC-EPTZ-NDI",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.2.14"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.58",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.58"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.85",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.85"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-USB-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.2.81",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.81"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "2.0.64",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0.64"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "ValueHD",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"datePublic": "2025-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-35451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T17:57:46.995811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T17:58:14.754Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10"
},
{
"name": "url",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35451"
},
{
"name": "url",
"url": "https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/"
},
{
"name": "url",
"url": "https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai"
}
],
"title": "Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-35451",
"datePublished": "2025-09-05T17:43:53.108Z",
"dateReserved": "2025-04-15T20:57:14.282Z",
"dateUpdated": "2025-09-08T18:08:29.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}