ГлавнаяУязвимости → CVE-2025-35452
9.8критическая

CVE-2025-35452

Описание

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.

Затрагиваемое ПО
Ptzoptics Pt12x-sdi-xx-g2 firmwarePtzoptics Pt12x-sdi-xx-g2Ptzoptics Pt12x-ndi-xx firmwarePtzoptics Pt12x-ndi-xxPtzoptics Pt12x-usb-xx-g2 firmwarePtzoptics Pt12x-usb-xx-g2Ptzoptics Pt20x-sdi-xx-g2 firmwarePtzoptics Pt20x-sdi-xx-g2Ptzoptics T20x-ndi-xx firmwarePtzoptics T20x-ndi-xxPtzoptics Pt20x-usb-xx-g2 firmwarePtzoptics Pt20x-usb-xx-g2Ptzoptics Pt30x-sdi-xx-g2 firmwarePtzoptics Pt30x-sdi-xx-g2Ptzoptics Pt30x-ndi-xx firmwarePtzoptics Pt30x-ndi-xxPtzoptics Pt12x-zcam firmwarePtzoptics Pt12x-zcamPtzoptics Pt20x-zcam firmwarePtzoptics Pt20x-zcamPtzoptics Ptvl-zcam firmwarePtzoptics Ptvl-zcamPtzoptics Pteptz-zcam-g2 firmwarePtzoptics Pteptz-zcam-g2Ptzoptics Pteptz-ndi-zcam-g2
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.jsonhttps://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10https://www.cve.org/CVERecord?id=CVE-2025-35452https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-aihttps://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/