CVE-2025-35451 - Vulnerability Details

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00056.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Multicam-systems Subscribe	Mcamii Ptz Subscribe Mcamii Ptz Firmware Subscribe
Ptzoptics Subscribe	Ndi Fixed Camera Subscribe Ndi Fixed Camera Firmware Subscribe Pt12x-ndi-xx Subscribe Pt12x-ndi-xx Firmware Subscribe Pt12x-sdi-xx-g2 Subscribe Pt12x-sdi-xx-g2 Firmware Subscribe Pt12x-usb-xx-g2 Subscribe Pt12x-usb-xx-g2 Firmware Subscribe Pt12x-zcam Subscribe Pt12x-zcam Firmware Subscribe Pt20x-ndi-xx Subscribe Pt20x-ndi-xx Firmware Subscribe Pt20x-sdi-xx-g2 Subscribe Pt20x-sdi-xx-g2 Firmware Subscribe Pt20x-usb-xx-g2 Subscribe Pt20x-usb-xx-g2 Firmware Subscribe Pt20x-zcam Subscribe Pt20x-zcam Firmware Subscribe Pt30x-ndi-xx Subscribe Pt30x-ndi-xx Firmware Subscribe Pt30x-sdi-xx-g2 Subscribe Pt30x-sdi-xx-g2 Firmware Subscribe Pteptz-ndi-zcam-g2 Subscribe Pteptz-ndi-zcam-g2 Firmware Subscribe Pteptz-zcam-g2 Subscribe Pteptz-zcam-g2 Firmware Subscribe Ptvl-zcam Subscribe Ptvl-zcam Firmware Subscribe Vl Fixed Camera Subscribe Vl Fixed Camera Firmware Subscribe
Smtav Subscribe	Ba12-n Subscribe Ba12-n Firmware Subscribe Ba12s Subscribe Ba12s Firmware Subscribe Ba20-n Subscribe Ba20-n Firmware Subscribe Ba20s Subscribe Ba20s Firmware Subscribe Ba30-n Subscribe Ba30-n Firmware Subscribe Ba30s Subscribe Ba30s Firmware Subscribe Bv20s Subscribe Bv20s Firmware Subscribe Bv30s Subscribe Bv30s Firmware Subscribe Bx20n Subscribe Bx20n Firmware Subscribe Bx20s-sh Subscribe Bx20s-sh Firmware Subscribe Bx20uhd Subscribe Bx20uhd-n Subscribe Bx20uhd-n Firmware Subscribe Bx20uhd Firmware Subscribe Bx30s Subscribe Bx30s Firmware Subscribe Hd17h Subscribe Hd17h-n Subscribe Hd17h-n Firmware Subscribe Hd17h Firmware Subscribe
Valuehd Subscribe	V60xl Subscribe V60xl Firmware Subscribe V61w Subscribe V61w Firmware Subscribe V63xl Subscribe V63xl Firmware Subscribe V71uvs Subscribe V71uvs Firmware Subscribe Vx60al Subscribe Vx60al Firmware Subscribe Vx60asl Subscribe Vx60asl Firmware Subscribe Vx61al Subscribe Vx61al Firmware Subscribe Vx61asl Subscribe Vx61asl Firmware Subscribe Vx61basl Subscribe Vx61basl Firmware Subscribe Vx630al Subscribe Vx630al Firmware Subscribe Vx701ra Subscribe Vx701ra Firmware Subscribe Vx701ta Subscribe Vx701ta Firmware Subscribe Vx70uvs Subscribe Vx70uvs Firmware Subscribe Vx71uvs Subscribe Vx71uvs Firmware Subscribe Vx720l Subscribe Vx720l Firmware Subscribe Vx751ba Subscribe Vx751ba Firmware Subscribe Vx752a Subscribe Vx752a Firmware Subscribe Vx752ag Subscribe Vx752ag Firmware Subscribe Vx800i2 Subscribe Vx800i2 Firmware Subscribe Vx90 Subscribe Vx90 Firmware Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:ptzoptics:pt12x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt12x-sdi-xx-g2:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:ptzoptics:pt12x-ndi-xx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt12x-ndi-xx:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:ptzoptics:pt12x-usb-xx-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt12x-usb-xx-g2:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:ptzoptics:pt20x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt20x-sdi-xx-g2:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:ptzoptics:pt20x-ndi-xx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt20x-ndi-xx:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:ptzoptics:pt20x-usb-xx-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt20x-usb-xx-g2:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:ptzoptics:pt30x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt30x-sdi-xx-g2:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:ptzoptics:pt30x-ndi-xx_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt30x-ndi-xx:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:ptzoptics:pt12x-zcam_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt12x-zcam:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:ptzoptics:pt20x-zcam_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pt20x-zcam:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:ptzoptics:ptvl-zcam_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:ptvl-zcam:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:ptzoptics:pteptz-zcam-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pteptz-zcam-g2:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:ptzoptics:pteptz-ndi-zcam-g2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:pteptz-ndi-zcam-g2:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:ptzoptics:vl_fixed_camera_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:vl_fixed_camera:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:ptzoptics:ndi_fixed_camera_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ptzoptics:ndi_fixed_camera:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:multicam-systems:mcamii_ptz_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:multicam-systems:mcamii_ptz:*:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:smtav:ba30s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:ba30s:*:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:smtav:ba20s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:ba20s:*:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:smtav:bv20s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bv20s:*:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:smtav:bx30s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bx30s:*:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:smtav:bx20n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bx20n:*:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:smtav:bx20uhd-n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bx20uhd-n:*:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:smtav:bx20uhd_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bx20uhd:*:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:smtav:ba30-n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:ba30-n:*:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:smtav:ba20-n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:ba20-n:*:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:smtav:ba12-n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:ba12-n:*:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:smtav:hd17h-n_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:hd17h-n:*:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:smtav:bx20s-sh_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bx20s-sh:*:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:smtav:hd17h_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:hd17h:*:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:smtav:bv30s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:bv30s:*:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:smtav:ba12s_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:smtav:ba12s:*:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:valuehd:vx90_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx90:*:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:valuehd:vx720l_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx720l:*:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:valuehd:vx752ag_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx752ag:*:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:valuehd:vx752a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx752a:*:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:valuehd:vx751ba_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx751ba:*:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:valuehd:vx630al_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx630al:*:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:valuehd:vx61asl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx61asl:*:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:valuehd:vx61basl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx61basl:*:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:valuehd:vx60asl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx60asl:*:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:valuehd:vx61al_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx61al:*:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:valuehd:vx60al_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx60al:*:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:valuehd:vx701ra_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx701ra:*:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:valuehd:vx701ta_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx701ta:*:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:valuehd:vx800i2_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx800i2:*:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:valuehd:v61w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:v61w:*:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:valuehd:v63xl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:v63xl:*:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:valuehd:v60xl_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:v60xl:*:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:valuehd:vx70uvs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx70uvs:*:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:valuehd:vx71uvs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:vx71uvs:*:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:valuehd:v71uvs_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:valuehd:v71uvs:*:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2025-27022	PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json
https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10
https://www.cve.org/CVERecord?id=CVE-2025-35451
https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai
https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/

History

Wed, 14 Jan 2026 15:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Multicam-systems Multicam-systems mcamii Ptz Multicam-systems mcamii Ptz Firmware Ptzoptics Ptzoptics ndi Fixed Camera Ptzoptics ndi Fixed Camera Firmware Ptzoptics pt12x-ndi-xx Ptzoptics pt12x-ndi-xx Firmware Ptzoptics pt12x-sdi-xx-g2 Ptzoptics pt12x-sdi-xx-g2 Firmware Ptzoptics pt12x-usb-xx-g2 Ptzoptics pt12x-usb-xx-g2 Firmware Ptzoptics pt12x-zcam Ptzoptics pt12x-zcam Firmware Ptzoptics pt20x-ndi-xx Ptzoptics pt20x-ndi-xx Firmware Ptzoptics pt20x-sdi-xx-g2 Ptzoptics pt20x-sdi-xx-g2 Firmware Ptzoptics pt20x-usb-xx-g2 Ptzoptics pt20x-usb-xx-g2 Firmware Ptzoptics pt20x-zcam Ptzoptics pt20x-zcam Firmware Ptzoptics pt30x-ndi-xx Ptzoptics pt30x-ndi-xx Firmware Ptzoptics pt30x-sdi-xx-g2 Ptzoptics pt30x-sdi-xx-g2 Firmware Ptzoptics pteptz-ndi-zcam-g2 Ptzoptics pteptz-ndi-zcam-g2 Firmware Ptzoptics pteptz-zcam-g2 Ptzoptics pteptz-zcam-g2 Firmware Ptzoptics ptvl-zcam Ptzoptics ptvl-zcam Firmware Ptzoptics vl Fixed Camera Ptzoptics vl Fixed Camera Firmware Smtav Smtav ba12-n Smtav ba12-n Firmware Smtav ba12s Smtav ba12s Firmware Smtav ba20-n Smtav ba20-n Firmware Smtav ba20s Smtav ba20s Firmware Smtav ba30-n Smtav ba30-n Firmware Smtav ba30s Smtav ba30s Firmware Smtav bv20s Smtav bv20s Firmware Smtav bv30s Smtav bv30s Firmware Smtav bx20n Smtav bx20n Firmware Smtav bx20s-sh Smtav bx20s-sh Firmware Smtav bx20uhd Smtav bx20uhd-n Smtav bx20uhd-n Firmware Smtav bx20uhd Firmware Smtav bx30s Smtav bx30s Firmware Smtav hd17h Smtav hd17h-n Smtav hd17h-n Firmware Smtav hd17h Firmware Valuehd Valuehd v60xl Valuehd v60xl Firmware Valuehd v61w Valuehd v61w Firmware Valuehd v63xl Valuehd v63xl Firmware Valuehd v71uvs Valuehd v71uvs Firmware Valuehd vx60al Valuehd vx60al Firmware Valuehd vx60asl Valuehd vx60asl Firmware Valuehd vx61al Valuehd vx61al Firmware Valuehd vx61asl Valuehd vx61asl Firmware Valuehd vx61basl Valuehd vx61basl Firmware Valuehd vx630al Valuehd vx630al Firmware Valuehd vx701ra Valuehd vx701ra Firmware Valuehd vx701ta Valuehd vx701ta Firmware Valuehd vx70uvs Valuehd vx70uvs Firmware Valuehd vx71uvs Valuehd vx71uvs Firmware Valuehd vx720l Valuehd vx720l Firmware Valuehd vx751ba Valuehd vx751ba Firmware Valuehd vx752a Valuehd vx752a Firmware Valuehd vx752ag Valuehd vx752ag Firmware Valuehd vx800i2 Valuehd vx800i2 Firmware Valuehd vx90 Valuehd vx90 Firmware
CPEs		cpe:2.3:h:multicam-systems:mcamii_ptz:::::::: cpe:2.3:h:ptzoptics:ndi_fixed_camera:-:::::::* cpe:2.3:h:ptzoptics:pt12x-ndi-xx:-:::::::* cpe:2.3:h:ptzoptics:pt12x-sdi-xx-g2:-:::::::* cpe:2.3:h:ptzoptics:pt12x-usb-xx-g2:-:::::::* cpe:2.3:h:ptzoptics:pt12x-zcam:-:::::::* cpe:2.3:h:ptzoptics:pt20x-ndi-xx:-:::::::* cpe:2.3:h:ptzoptics:pt20x-sdi-xx-g2:-:::::::* cpe:2.3:h:ptzoptics:pt20x-usb-xx-g2:-:::::::* cpe:2.3:h:ptzoptics:pt20x-zcam:-:::::::* cpe:2.3:h:ptzoptics:pt30x-ndi-xx:-:::::::* cpe:2.3:h:ptzoptics:pt30x-sdi-xx-g2:-:::::::* cpe:2.3:h:ptzoptics:pteptz-ndi-zcam-g2:-:::::::* cpe:2.3:h:ptzoptics:pteptz-zcam-g2:-:::::::* cpe:2.3:h:ptzoptics:ptvl-zcam:-:::::::* cpe:2.3:h:ptzoptics:vl_fixed_camera:-:::::::* cpe:2.3:h:smtav:ba12-n:::::::: cpe:2.3:h:smtav:ba12s:::::::: cpe:2.3:h:smtav:ba20-n:::::::: cpe:2.3:h:smtav:ba20s:::::::: cpe:2.3:h:smtav:ba30-n:::::::: cpe:2.3:h:smtav:ba30s:::::::: cpe:2.3:h:smtav:bv20s:::::::: cpe:2.3:h:smtav:bv30s:::::::: cpe:2.3:h:smtav:bx20n:::::::: cpe:2.3:h:smtav:bx20s-sh:::::::: cpe:2.3:h:smtav:bx20uhd-n:::::::: cpe:2.3:h:smtav:bx20uhd:::::::: cpe:2.3:h:smtav:bx30s:::::::: cpe:2.3:h:smtav:hd17h-n:::::::: cpe:2.3:h:smtav:hd17h:::::::: cpe:2.3:h:valuehd:v60xl:::::::: cpe:2.3:h:valuehd:v61w:::::::: cpe:2.3:h:valuehd:v63xl:::::::: cpe:2.3:h:valuehd:v71uvs:::::::: cpe:2.3:h:valuehd:vx60al:::::::: cpe:2.3:h:valuehd:vx60asl:::::::: cpe:2.3:h:valuehd:vx61al:::::::: cpe:2.3:h:valuehd:vx61asl:::::::: cpe:2.3:h:valuehd:vx61basl:::::::: cpe:2.3:h:valuehd:vx630al:::::::: cpe:2.3:h:valuehd:vx701ra:::::::: cpe:2.3:h:valuehd:vx701ta:::::::: cpe:2.3:h:valuehd:vx70uvs:::::::: cpe:2.3:h:valuehd:vx71uvs:::::::: cpe:2.3:h:valuehd:vx720l:::::::: cpe:2.3:h:valuehd:vx751ba:::::::: cpe:2.3:h:valuehd:vx752a:::::::: cpe:2.3:h:valuehd:vx752ag:::::::: cpe:2.3:h:valuehd:vx800i2:::::::: cpe:2.3:h:valuehd:vx90:::::::: cpe:2.3:o:multicam-systems:mcamii_ptz_firmware:::::::: cpe:2.3:o:ptzoptics:ndi_fixed_camera_firmware:::::::: cpe:2.3:o:ptzoptics:pt12x-ndi-xx_firmware:::::::: cpe:2.3:o:ptzoptics:pt12x-sdi-xx-g2_firmware:::::::: cpe:2.3:o:ptzoptics:pt12x-usb-xx-g2_firmware:::::::: cpe:2.3:o:ptzoptics:pt12x-zcam_firmware:::::::: cpe:2.3:o:ptzoptics:pt20x-ndi-xx_firmware:::::::: cpe:2.3:o:ptzoptics:pt20x-sdi-xx-g2_firmware:::::::: cpe:2.3:o:ptzoptics:pt20x-usb-xx-g2_firmware:::::::: cpe:2.3:o:ptzoptics:pt20x-zcam_firmware:::::::: cpe:2.3:o:ptzoptics:pt30x-ndi-xx_firmware:::::::: cpe:2.3:o:ptzoptics:pt30x-sdi-xx-g2_firmware:::::::: cpe:2.3:o:ptzoptics:pteptz-ndi-zcam-g2_firmware:::::::: cpe:2.3:o:ptzoptics:pteptz-zcam-g2_firmware:::::::: cpe:2.3:o:ptzoptics:ptvl-zcam_firmware:::::::: cpe:2.3:o:ptzoptics:vl_fixed_camera_firmware:::::::: cpe:2.3:o:smtav:ba12-n_firmware:::::::: cpe:2.3:o:smtav:ba12s_firmware:::::::: cpe:2.3:o:smtav:ba20-n_firmware:::::::: cpe:2.3:o:smtav:ba20s_firmware:::::::: cpe:2.3:o:smtav:ba30-n_firmware:::::::: cpe:2.3:o:smtav:ba30s_firmware:::::::: cpe:2.3:o:smtav:bv20s_firmware:::::::: cpe:2.3:o:smtav:bv30s_firmware:::::::: cpe:2.3:o:smtav:bx20n_firmware:::::::: cpe:2.3:o:smtav:bx20s-sh_firmware:::::::: cpe:2.3:o:smtav:bx20uhd-n_firmware:::::::: cpe:2.3:o:smtav:bx20uhd_firmware:::::::: cpe:2.3:o:smtav:bx30s_firmware:::::::: cpe:2.3:o:smtav:hd17h-n_firmware:::::::: cpe:2.3:o:smtav:hd17h_firmware:::::::: cpe:2.3:o:valuehd:v60xl_firmware:::::::: cpe:2.3:o:valuehd:v61w_firmware:::::::: cpe:2.3:o:valuehd:v63xl_firmware:::::::: cpe:2.3:o:valuehd:v71uvs_firmware:::::::: cpe:2.3:o:valuehd:vx60al_firmware:::::::: cpe:2.3:o:valuehd:vx60asl_firmware:::::::: cpe:2.3:o:valuehd:vx61al_firmware:::::::: cpe:2.3:o:valuehd:vx61asl_firmware:::::::: cpe:2.3:o:valuehd:vx61basl_firmware:::::::: cpe:2.3:o:valuehd:vx630al_firmware:::::::: cpe:2.3:o:valuehd:vx701ra_firmware:::::::: cpe:2.3:o:valuehd:vx701ta_firmware:::::::: cpe:2.3:o:valuehd:vx70uvs_firmware:::::::: cpe:2.3:o:valuehd:vx71uvs_firmware:::::::: cpe:2.3:o:valuehd:vx720l_firmware:::::::: cpe:2.3:o:valuehd:vx751ba_firmware:::::::: cpe:2.3:o:valuehd:vx752a_firmware:::::::: cpe:2.3:o:valuehd:vx752ag_firmware:::::::: cpe:2.3:o:valuehd:vx800i2_firmware:::::::: cpe:2.3:o:valuehd:vx90_firmware::::::::
Vendors & Products		Multicam-systems Multicam-systems mcamii Ptz Multicam-systems mcamii Ptz Firmware Ptzoptics Ptzoptics ndi Fixed Camera Ptzoptics ndi Fixed Camera Firmware Ptzoptics pt12x-ndi-xx Ptzoptics pt12x-ndi-xx Firmware Ptzoptics pt12x-sdi-xx-g2 Ptzoptics pt12x-sdi-xx-g2 Firmware Ptzoptics pt12x-usb-xx-g2 Ptzoptics pt12x-usb-xx-g2 Firmware Ptzoptics pt12x-zcam Ptzoptics pt12x-zcam Firmware Ptzoptics pt20x-ndi-xx Ptzoptics pt20x-ndi-xx Firmware Ptzoptics pt20x-sdi-xx-g2 Ptzoptics pt20x-sdi-xx-g2 Firmware Ptzoptics pt20x-usb-xx-g2 Ptzoptics pt20x-usb-xx-g2 Firmware Ptzoptics pt20x-zcam Ptzoptics pt20x-zcam Firmware Ptzoptics pt30x-ndi-xx Ptzoptics pt30x-ndi-xx Firmware Ptzoptics pt30x-sdi-xx-g2 Ptzoptics pt30x-sdi-xx-g2 Firmware Ptzoptics pteptz-ndi-zcam-g2 Ptzoptics pteptz-ndi-zcam-g2 Firmware Ptzoptics pteptz-zcam-g2 Ptzoptics pteptz-zcam-g2 Firmware Ptzoptics ptvl-zcam Ptzoptics ptvl-zcam Firmware Ptzoptics vl Fixed Camera Ptzoptics vl Fixed Camera Firmware Smtav Smtav ba12-n Smtav ba12-n Firmware Smtav ba12s Smtav ba12s Firmware Smtav ba20-n Smtav ba20-n Firmware Smtav ba20s Smtav ba20s Firmware Smtav ba30-n Smtav ba30-n Firmware Smtav ba30s Smtav ba30s Firmware Smtav bv20s Smtav bv20s Firmware Smtav bv30s Smtav bv30s Firmware Smtav bx20n Smtav bx20n Firmware Smtav bx20s-sh Smtav bx20s-sh Firmware Smtav bx20uhd Smtav bx20uhd-n Smtav bx20uhd-n Firmware Smtav bx20uhd Firmware Smtav bx30s Smtav bx30s Firmware Smtav hd17h Smtav hd17h-n Smtav hd17h-n Firmware Smtav hd17h Firmware Valuehd Valuehd v60xl Valuehd v60xl Firmware Valuehd v61w Valuehd v61w Firmware Valuehd v63xl Valuehd v63xl Firmware Valuehd v71uvs Valuehd v71uvs Firmware Valuehd vx60al Valuehd vx60al Firmware Valuehd vx60asl Valuehd vx60asl Firmware Valuehd vx61al Valuehd vx61al Firmware Valuehd vx61asl Valuehd vx61asl Firmware Valuehd vx61basl Valuehd vx61basl Firmware Valuehd vx630al Valuehd vx630al Firmware Valuehd vx701ra Valuehd vx701ra Firmware Valuehd vx701ta Valuehd vx701ta Firmware Valuehd vx70uvs Valuehd vx70uvs Firmware Valuehd vx71uvs Valuehd vx71uvs Firmware Valuehd vx720l Valuehd vx720l Firmware Valuehd vx751ba Valuehd vx751ba Firmware Valuehd vx752a Valuehd vx752a Firmware Valuehd vx752ag Valuehd vx752ag Firmware Valuehd vx800i2 Valuehd vx800i2 Firmware Valuehd vx90 Valuehd vx90 Firmware

Mon, 08 Sep 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 05 Sep 2025 19:15:00 +0000

Type	Values Removed	Values Added
References		https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/

Fri, 05 Sep 2025 18:00:00 +0000

Type	Values Removed	Values Added
Description		PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Title		Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled
Weaknesses		CWE-798
References		https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10 https://www.cve.org/CVERecord?id=CVE-2025-35451
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` cvssV4_0 `{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisa-cg

Published: 2025-09-05T17:43:53.108Z

Updated: 2025-09-08T18:08:29.882Z

Reserved: 2025-04-15T20:57:14.282Z

Link: CVE-2025-35451

Vulnrichment

Updated: 2025-09-08T18:08:26.210Z

NVD

Status : Analyzed

Published: 2025-09-05T18:15:41.900

Modified: 2026-01-14T15:33:46.617

Link: CVE-2025-35451

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-798

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object