Vulnerability Details CVE-2025-35452
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.2%
CVSS Severity
CVSS v3 Score 9.8
References
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10
- https://www.cve.org/CVERecord?id=CVE-2025-35452
- https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai
- https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/
Products affected by CVE-2025-35452
-
cpe:2.3:h:multicam-systems:mcamii_ptz:-
-
cpe:2.3:h:ptzoptics:ndi_fixed_camera:-
-
cpe:2.3:h:ptzoptics:pt-studiopro:-
-
cpe:2.3:h:ptzoptics:pt12x-4k-xx-g3:-
-
cpe:2.3:h:ptzoptics:pt12x-link-4k-xx:-
-
cpe:2.3:h:ptzoptics:pt12x-ndi-xx:-
-
cpe:2.3:h:ptzoptics:pt12x-sdi-xx-g2:-
-
cpe:2.3:h:ptzoptics:pt12x-se-xx-g3:-
-
cpe:2.3:h:ptzoptics:pt12x-usb-xx-g2:-
-
cpe:2.3:h:ptzoptics:pt12x-zcam:-
-
cpe:2.3:h:ptzoptics:pt20x-4k-xx-g3:-
-
cpe:2.3:h:ptzoptics:pt20x-link-4k-xx:-
-
cpe:2.3:h:ptzoptics:pt20x-sdi-xx-g2:-
-
cpe:2.3:h:ptzoptics:pt20x-se-xx-g3:-
-
cpe:2.3:h:ptzoptics:pt20x-usb-xx-g2:-
-
cpe:2.3:h:ptzoptics:pt20x-zcam:-
-
cpe:2.3:h:ptzoptics:pt30x-4k-xx-g3:-
-
cpe:2.3:h:ptzoptics:pt30x-link-4k-xx:-
-
cpe:2.3:h:ptzoptics:pt30x-ndi-xx:-
-
cpe:2.3:h:ptzoptics:pt30x-sdi-xx-g2:-
-
cpe:2.3:h:ptzoptics:pt30x-se-xx-g3:-
-
cpe:2.3:h:ptzoptics:pteptz-ndi-zcam-g2:-
-
cpe:2.3:h:ptzoptics:pteptz-zcam-g2:-
-
cpe:2.3:h:ptzoptics:ptvl-zcam:-
-
cpe:2.3:h:ptzoptics:t20x-ndi-xx:-
-
cpe:2.3:h:ptzoptics:vl_fixed_camera:-
-
cpe:2.3:h:smtav:ba12-n:-
-
cpe:2.3:h:smtav:ba12s:-
-
cpe:2.3:h:smtav:ba20-n:-
-
cpe:2.3:h:smtav:ba20s:-
-
cpe:2.3:h:smtav:ba30-n:-
-
cpe:2.3:h:smtav:ba30s:-
-
cpe:2.3:h:smtav:bv20s:-
-
cpe:2.3:h:smtav:bv30s:-
-
cpe:2.3:h:smtav:bx20n:-
-
cpe:2.3:h:smtav:bx20s-sh:-
-
cpe:2.3:h:smtav:bx20uhd-n:-
-
cpe:2.3:h:smtav:bx20uhd:-
-
cpe:2.3:h:smtav:bx30s:-
-
cpe:2.3:h:smtav:hd17h-n:-
-
cpe:2.3:h:smtav:hd17h:-
-
cpe:2.3:h:valuehd:v60xl:-
-
cpe:2.3:h:valuehd:v61w:-
-
cpe:2.3:h:valuehd:v63xl:-
-
cpe:2.3:h:valuehd:v71uvs:-
-
cpe:2.3:h:valuehd:vx60al:-
-
cpe:2.3:h:valuehd:vx60asl:-
-
cpe:2.3:h:valuehd:vx61al:-
-
cpe:2.3:h:valuehd:vx61asl:-
-
cpe:2.3:h:valuehd:vx61basl:-
-
cpe:2.3:h:valuehd:vx630al:-
-
cpe:2.3:h:valuehd:vx701ra:-
-
cpe:2.3:h:valuehd:vx701ta:-
-
cpe:2.3:h:valuehd:vx70uvs:-
-
cpe:2.3:h:valuehd:vx71uvs:-
-
cpe:2.3:h:valuehd:vx720l:-
-
cpe:2.3:h:valuehd:vx751ba:-
-
cpe:2.3:h:valuehd:vx752a:-
-
cpe:2.3:h:valuehd:vx752ag:-
-
cpe:2.3:h:valuehd:vx800i2:-
-
cpe:2.3:h:valuehd:vx90:-
-
cpe:2.3:o:multicam-systems:mcamii_ptz_firmware:*
-
cpe:2.3:o:ptzoptics:ndi_fixed_camera_firmware:7.2.94
-
cpe:2.3:o:ptzoptics:pt-studiopro_firmware:9.0.41
-
cpe:2.3:o:ptzoptics:pt12x-4k-xx-g3_firmware:0.0.58
-
cpe:2.3:o:ptzoptics:pt12x-link-4k-xx_firmware:0.0.63
-
cpe:2.3:o:ptzoptics:pt12x-ndi-xx_firmware:-
-
cpe:2.3:o:ptzoptics:pt12x-sdi-xx-g2_firmware:-
-
cpe:2.3:o:ptzoptics:pt12x-se-xx-g3_firmware:9.1.43
-
cpe:2.3:o:ptzoptics:pt12x-usb-xx-g2_firmware:-
-
cpe:2.3:o:ptzoptics:pt12x-zcam_firmware:-
-
cpe:2.3:o:ptzoptics:pt20x-4k-xx-g3_firmware:0.0.85
-
cpe:2.3:o:ptzoptics:pt20x-link-4k-xx_firmware:0.0.89
-
cpe:2.3:o:ptzoptics:pt20x-sdi-xx-g2_firmware:-
-
cpe:2.3:o:ptzoptics:pt20x-se-xx-g3_firmware:9.1.32
-
cpe:2.3:o:ptzoptics:pt20x-usb-xx-g2_firmware:-
-
cpe:2.3:o:ptzoptics:pt20x-zcam_firmware:-
-
cpe:2.3:o:ptzoptics:pt30x-4k-xx-g3_firmware:2.0.64
-
cpe:2.3:o:ptzoptics:pt30x-link-4k-xx_firmware:2.0.71
-
cpe:2.3:o:ptzoptics:pt30x-ndi-xx_firmware:-
-
cpe:2.3:o:ptzoptics:pt30x-sdi-xx-g2_firmware:-
-
cpe:2.3:o:ptzoptics:pt30x-se-xx-g3_firmware:9.1.33
-
cpe:2.3:o:ptzoptics:pteptz-ndi-zcam-g2:-
-
cpe:2.3:o:ptzoptics:pteptz-zcam-g2_firmware:-
-
cpe:2.3:o:ptzoptics:ptvl-zcam_firmware:-
-
cpe:2.3:o:ptzoptics:t20x-ndi-xx_firmware:-
-
cpe:2.3:o:ptzoptics:vl_fixed_camera_firmware:7.2.94
-
cpe:2.3:o:smtav:ba12-n_firmware:-
-
cpe:2.3:o:smtav:ba12s_firmware:-
-
cpe:2.3:o:smtav:ba20-n_firmware:-
-
cpe:2.3:o:smtav:ba20s_firmware:-
-
cpe:2.3:o:smtav:ba30-n_firmware:-
-
cpe:2.3:o:smtav:ba30s_firmware:-
-
cpe:2.3:o:smtav:bv20s_firmware:-
-
cpe:2.3:o:smtav:bv30s_firmware:-
-
cpe:2.3:o:smtav:bx20n_firmware:-
-
cpe:2.3:o:smtav:bx20s-sh_firmware:-
-
cpe:2.3:o:smtav:bx20uhd-n_firmware:-
-
cpe:2.3:o:smtav:bx20uhd_firmware:-
-
cpe:2.3:o:smtav:bx30s_firmware:-
-
cpe:2.3:o:smtav:hd17h-n_firmware:-
-
cpe:2.3:o:smtav:hd17h_firmware:-
-
cpe:2.3:o:valuehd:v60xl_firmware:-
-
cpe:2.3:o:valuehd:v61w_firmware:-
-
cpe:2.3:o:valuehd:v63xl_firmware:-
-
cpe:2.3:o:valuehd:v71uvs_firmware:-
-
cpe:2.3:o:valuehd:vx60al_firmware:-
-
cpe:2.3:o:valuehd:vx60asl_firmware:-
-
cpe:2.3:o:valuehd:vx61al_firmware:-
-
cpe:2.3:o:valuehd:vx61asl_firmware:-
-
cpe:2.3:o:valuehd:vx61basl_firmware:-
-
cpe:2.3:o:valuehd:vx630al_firmware:-
-
cpe:2.3:o:valuehd:vx701ra_firmware:-
-
cpe:2.3:o:valuehd:vx701ta_firmware:-
-
cpe:2.3:o:valuehd:vx70uvs_firmware:-
-
cpe:2.3:o:valuehd:vx71uvs_firmware:-
-
cpe:2.3:o:valuehd:vx720l_firmware:-
-
cpe:2.3:o:valuehd:vx751ba_firmware:-
-
cpe:2.3:o:valuehd:vx752a_firmware:-
-
cpe:2.3:o:valuehd:vx752ag_firmware:-
-
cpe:2.3:o:valuehd:vx800i2_firmware:-
-
cpe:2.3:o:valuehd:vx90_firmware:-