CVE-2025-52600
Unknown
Unknown - Not Provided
Improper Input Validation in Camera Video Analytics Enables Command Execution
Publication date: 2025-12-26
Last updated on: 2025-12-26
Assigner: Hanwha Vision Co., Ltd.
Description
Description
Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has discovered a vulnerability in camera video analytics that Improper input validation. This vulnerability could allow an attacker to execute specific commands on the user's host PC.The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hanwha | vision_camera | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves improper input validation in camera video analytics software, which could allow an attacker to execute specific commands on the user's host PC.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could execute commands on your host PC, potentially leading to unauthorized actions or control over your system.
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to apply the patch firmware released by the manufacturer. Please refer to the manufacturer's report for details and workarounds.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70