CVE-2025-30024
Analyzed
Analyzed - Analysis Complete
BaseFortify
Publication date: 2025-07-11
Last updated on: 2026-01-23
Assigner: Axis Communications AB
Description
Description
The communication protocol used between client
and server had a flaw that could be leveraged to execute a man in the middle attack.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| axis | device_manager | to 5.32.137 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in the communication protocol between client and server that can be exploited to perform a man-in-the-middle attack, allowing an attacker to intercept and potentially alter the communication.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized interception and modification of sensitive data exchanged between client and server, compromising confidentiality and integrity, which may result in data breaches or unauthorized access.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70