CVE-2025-35452

Pan-Tilt-Zoom cameras default administrative credentials for web interface

CVSS 9.2 CRITICAL | EPSS 0.8% | CWE-1392 | CWE-798

In short

PTZOptics and similar cameras come with default administrator usernames and passwords for their web interface that are the same across all devices. An attacker can access the camera's controls and settings without authorization, potentially viewing feeds, changing configurations, or disabling security features.

Technical detail

These pan-tilt-zoom cameras ship with default credentials on the administrative web interface and do not require them to be unique per device or changed before use (CWE-798: Use of Hard-coded Credentials). An unauthenticated attacker on the network can authenticate using publicly known default credentials, gaining full administrative access to the camera's configuration, video streams, and remote control functions. This affects PTZOptics and ValueHD-based devices, which do not enforce credential rotation.

Summary generated and translated by AI from the official description.
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
