Description
BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including the live video and audio stream, without providing credentials.
Published: 2026-03-27
Score: 6.5 Medium
EPSS: n/a
KEV: No
Impact: Unauthorized access to video and audio streams without credentials
Action: Apply Patch
AI Analysis

Impact

The vulnerability allows an attacker who can physically reach the device to connect to its open network service without authentication. Once connected, the attacker can access the camera’s private interface and retrieve live video and audio streams, effectively stealing sensitive surveillance data. This flaw stems from incorrect access control mechanisms and is classified as a credential‑less data capture.

Affected Systems

Browser devices manufactured by BS Producten, specifically the Petcam 33.1.0.0818 firmware build, are susceptible. The vulnerability applies only to this exact version; no other versions are currently known to be affected.

Risk and Exploitability

The CVSS base score of 6.5 indicates moderate severity. Although the EPSS score is unavailable, the requirement for physical proximity and open‐network access limits broader exploitation. The issue is not listed in the CISA Known Exploited Vulnerabilities catalog, suggesting no publicly confirmed exploits. Still, the risk of immediate unauthorized data access remains significant for anyone in the device’s vicinity.

Generated by OpenCVE AI on March 27, 2026 at 16:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the firmware to the latest version released by BS Producten.
  • If an update is unavailable, disable open network access and enable a strong password on the device’s management interface.
  • Ensure the device is placed out of reach of untrusted individuals.

Generated by OpenCVE AI on March 27, 2026 at 16:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 27 Mar 2026 14:45:00 +0000

Type Values Removed Values Added
Description BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including the live video and audio stream, without providing credentials.
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AC:L/AV:A/A:N/C:H/I:N/PR:N/S:U/UI:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-27T15:05:02.451Z

Reserved: 2026-01-09T00:00:00.000Z

Link: CVE-2025-69988

cve-icon Vulnrichment

Updated: 2026-03-27T15:04:29.242Z

cve-icon NVD

Status : Received

Published: 2026-03-27T15:16:46.017

Modified: 2026-03-27T16:16:21.190

Link: CVE-2025-69988

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T20:29:07Z

Weaknesses