CVE-2026-50005
Deferred - Pending Action

Default Credentials in Brickcom Cameras Allow Unauthenticated Access

Publication date: 2026-06-11

Last updated on: 2026-06-11

Assigner: ICS-CERT

Description

Brickcom cameras ship with default credentials that allow any unauthenticated remote attacker to silently access camera feeds.

Meta Information

Published: 2026-06-11
Last Modified: 2026-06-11
Generated: 2026-07-02
AI Q&A: 2026-06-12
EPSS Evaluated: 2026-06-30

Affected Vendors & Products

Showing 1 associated CPE
Vendor | Product | Version / Range
brickcom | camera | *

Exploitability

CWE

CWE ID | Description
CWE-1392 | The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

Compliance Impact

The vulnerability allows unauthenticated remote attackers to silently access live camera feeds, potentially exposing sensitive visual information without detection.

Such unauthorized access to sensitive data could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access.

However, the provided information does not explicitly discuss the impact on compliance with these or other common standards and regulations.

Detection Guidance

This vulnerability involves Brickcom cameras using default credentials that allow unauthenticated remote access to camera feeds.

Detection can focus on identifying Brickcom camera devices on the network and checking for default credential usage.

  • Scan your network for Brickcom camera IP addresses using tools like nmap.
  • Attempt to access the camera feeds remotely using known default credentials to verify if unauthorized access is possible.
  • Monitor network traffic for unusual or unauthorized access attempts to camera devices.

Specific commands might include:

  • nmap -p 80,554 --open -sV <network_range> # To find devices with HTTP or RTSP ports open, commonly used by cameras.
  • curl http://<camera_ip>/ # To check if the camera web interface is accessible.
  • Attempt login with default credentials on the camera interface or RTSP stream.

Mitigation Strategies

Immediate mitigation steps include isolating the affected Brickcom cameras from the internet to prevent remote unauthorized access.

Use firewalls to restrict access to the cameras only to trusted networks or devices.

Employ secure remote access methods such as VPNs to control who can reach the camera feeds.

Contact the vendor for support and updates, although Brickcom has not responded to coordination requests so far.
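
The traffic-monitoring step from the detection guidance and the trusted-network restriction above can be checked together against firewall or flow logs. The following is an added example, not part of the original report: the log format, camera addresses and trusted range are constructed assumptions, and only ports 80 and 554 come from the page.

```python
import ipaddress

# Constructed sample flow records: "timestamp src_ip dst_ip dst_port action"
SAMPLE_FLOWS = """\
2026-06-12T08:01:10Z 10.20.0.15 10.30.5.21 554 ALLOW
2026-06-12T08:02:44Z 203.0.113.77 10.30.5.21 554 ALLOW
2026-06-12T08:03:02Z 203.0.113.77 10.30.5.21 80 ALLOW
2026-06-12T08:05:30Z 198.51.100.9 10.30.5.22 80 DENY
2026-06-12T08:06:00Z 10.20.0.15 10.30.5.40 443 ALLOW
malformed line
"""

CAMERA_PORTS = {80, 554}  # HTTP and RTSP, the ports named in the scan command
# Assumed camera inventory (e.g. collected from the network scan)
CAMERAS = {ipaddress.ip_address(a) for a in ("10.30.5.21", "10.30.5.22")}
# Assumed trusted management/VPN range allowed to reach the cameras
TRUSTED = [ipaddress.ip_network("10.20.0.0/24")]

def untrusted_camera_access(log_text, cameras=CAMERAS, trusted=TRUSTED):
    """Map each camera to sorted (src, port, action) flows from untrusted sources."""
    findings = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records instead of failing the audit
        _, src, dst, port, action = parts
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            continue
        if dst_ip not in cameras or port not in CAMERA_PORTS:
            continue
        if any(src_ip in net for net in trusted):
            continue  # expected access from the management range
        findings.setdefault(str(dst_ip), set()).add((str(src_ip), port, action))
    return {cam: sorted(hits) for cam, hits in findings.items()}

def exposed_cameras(findings):
    """Cameras where at least one untrusted flow was allowed through."""
    return sorted(c for c, hits in findings.items()
                  if any(action == "ALLOW" for _, _, action in hits))

if __name__ == "__main__":
    result = untrusted_camera_access(SAMPLE_FLOWS)
    for cam, hits in result.items():
        for src, port, action in hits:
            print(f"{cam}:{port} <- {src} [{action}]")
    print("needs isolation:", exposed_cameras(result))
```

Cameras returned by `exposed_cameras` are the ones where the firewall restriction is not yet effective; denied flows still appear in the findings as attempted access worth reviewing.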

Executive Summary

This vulnerability involves Brickcom cameras that come with default credentials. These default credentials allow any unauthenticated remote attacker to silently access the camera feeds without needing to log in or provide any authentication.

Impact Analysis

The vulnerability can lead to unauthorized remote access to live camera feeds. This means attackers can silently monitor video streams without permission, potentially compromising privacy and security.
