CVE-2025-35451 (GCVE-0-2025-35451)
Vulnerability from cvelistv5 – Published: 2025-09-05 17:43 – Updated: 2025-09-08 18:08
VLAI?
Title
Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled
Summary
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.
Severity ?
9.8 (Critical)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| PTZOptics | PT12X-SE-xx-G3 |
Affected:
0 , < 9.1.43
(custom)
Unaffected: 9.1.43 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-35451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T18:08:16.124259Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T18:08:29.882Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PT12X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.43",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.43"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.63",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.63"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.32",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.32"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.89",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.89"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT-STUDIOPRO",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.0.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.0.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-SE-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "9.1.33",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.33"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-LINK-4K-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "2.0.71",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0.71"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-STUDIO-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.90"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-STUDIO-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.90",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.90"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.70",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.70"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-USB-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.2.88",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.88"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.27",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.27"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "SMTAV",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-SDI/NDI-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.3.43",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.3.43"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "multiCAM Systems",
"versions": [
{
"status": "affected",
"version": "*"
}
]
},
{
"defaultStatus": "unknown",
"product": "VL Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.94",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.94"
}
]
},
{
"defaultStatus": "unknown",
"product": "12x Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.85",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.85"
}
]
},
{
"defaultStatus": "unknown",
"product": "20x Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "7.2.94",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "7.2.94"
}
]
},
{
"defaultStatus": "unknown",
"product": "EPTZ Fixed Camera/NDI Fixed Camera",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.1.89",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.1.89"
}
]
},
{
"defaultStatus": "unknown",
"product": "HC-EPTZ-NDI",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "8.2.14",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "8.2.14"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT12X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.58",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.58"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "0.0.85",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "0.0.85"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT20X-USB-xx",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "6.2.81",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "6.2.81"
}
]
},
{
"defaultStatus": "unknown",
"product": "PT30X-4K-xx-G3",
"vendor": "PTZOptics",
"versions": [
{
"lessThan": "2.0.64",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0.64"
}
]
},
{
"defaultStatus": "unknown",
"product": "Pan-Tilt-Zoom Cameras",
"vendor": "ValueHD",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"datePublic": "2025-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
}
},
{
"other": {
"content": {
"id": "CVE-2025-35451",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-08T17:57:46.995811Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-08T17:58:14.754Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10"
},
{
"name": "url",
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json"
},
{
"name": "url",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35451"
},
{
"name": "url",
"url": "https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/"
},
{
"name": "url",
"url": "https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai"
}
],
"title": "Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2025-35451",
"datePublished": "2025-09-05T17:43:53.108Z",
"dateReserved": "2025-04-15T20:57:14.282Z",
"dateUpdated": "2025-09-08T18:08:29.882Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-35451\",\"sourceIdentifier\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"published\":\"2025-09-05T18:15:41.900\",\"lastModified\":\"2026-01-14T15:33:46.617\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt12x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.34\",\"matchCriteriaId\":\"3C6D15AF-55E7-43B4-ADA3-D8D3834B25AE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt12x-sdi-xx-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F77A04-EEF2-4B3B-B845-CBE5C12F1A75\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt12x-ndi-xx_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.34\",\"matchCriteriaId\":\"544FB818-A00F-4520-A5B3-8F6F91CEBB05\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt12x-ndi-xx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB480C1-5E4E-4CD1-B506-8551336C9BBE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt12x-usb-xx-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.2.81\",\"matchCriteriaId\":\"891794C0-F65E-4928-A8FC-213E22D9D4AA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt12x-usb-xx-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15174DE5-6AC9-486C-ACBD-EA7C35ED311E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt20x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.20\",\"matchCriteriaId\":\"E5C82ADC-025D-4405-9AE3-78A97772021B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt20x-sdi-xx-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CC09930-9A57-4287-A705-7ADD66907220\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt20x-ndi-xx_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.20\",\"matchCriteriaId\":\"5F5187DB-D70C-4601-B6E3-7759F7108B89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt20x-ndi-xx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1741C8-2A4C-4F43-908F-9871CFFC03D2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt20x-usb-xx-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.2.73\",\"matchCriteriaId\":\"31632F71-7DC0-4B1F-B398-4185D9D05058\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt20x-usb-xx-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA7AD997-CB8C-4B81-837A-B9FCEBD71053\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt30x-sdi-xx-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.30\",\"matchCriteriaId\":\"324B010C-C5FA-4CF1-892C-A30A3308BD2F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt30x-sdi-xx-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE846C54-C7D3-41C2-B780-20ECA621AA08\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt30x-ndi-xx_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.30\",\"matchCriteriaId\":\"C50EA5E4-114D-4CC8-A0B3-6963FEA8A4EC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt30x-ndi-xx:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD554CC3-7854-4BFA-B2F1-EEB88CB97E01\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt12x-zcam_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.76\",\"matchCriteriaId\":\"F0F5CF88-9BBF-49D5-8B1E-63EC91A3545F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt12x-zcam:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"709AAA3C-CDB4-4231-B134-B04FF9C072D3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pt20x-zcam_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.82\",\"matchCriteriaId\":\"51294950-DB17-496F-AD52-A16D0DC78F97\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pt20x-zcam:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"57C70BF4-CD6B-4647-9538-07165BAE740E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:ptvl-zcam_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.79\",\"matchCriteriaId\":\"43BD68E0-EBA1-49C9-A75F-B360F9999D60\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:ptvl-zcam:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56FE121-BA29-46E4-ACC6-10DF608D1D31\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pteptz-zcam-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.1.81\",\"matchCriteriaId\":\"85F0DCD6-77FF-4E0B-851B-D849ECE68923\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pteptz-zcam-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B0F708-DC3F-40C6-8E13-26962892F3CA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:pteptz-ndi-zcam-g2_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.1.81\",\"matchCriteriaId\":\"133BE139-56AE-4498-892C-A16DB8515F56\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:pteptz-ndi-zcam-g2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2894827-5A69-4532-B748-F5EF2DBF850B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:vl_fixed_camera_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.94\",\"matchCriteriaId\":\"1340FADC-A764-4A75-9987-4124A7C390AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:vl_fixed_camera:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E239F9F9-1F0B-4968-93A4-FCE2D4A38AA7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:ptzoptics:ndi_fixed_camera_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.2.94\",\"matchCriteriaId\":\"FAEDECA8-9D03-4101-A702-F42EB553A373\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:ptzoptics:ndi_fixed_camera:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1156C67-9320-457E-9F20-EA074B61D23E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:multicam-systems:mcamii_ptz_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CA98A76-4DB9-4356-A7BE-41E6ECC4D3B9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:multicam-systems:mcamii_ptz:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2E9EF4F-E482-4061-894D-1D46D06A50DE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:ba30s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3664C3EB-CECD-4621-AFF6-99A051F56ECF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:ba30s:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DEF548C-B07F-41F2-B401-94495E469231\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:ba20s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB7A2858-9628-4E47-BEA7-437C763305E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:ba20s:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D60A1A77-5C4D-4D53-88E2-53787D8650CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bv20s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94764087-5CB2-4D8A-8BF8-86D39AE02EB0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bv20s:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2F01133-AACB-450E-AD67-0DDF9BDA8471\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bx30s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DAD802D-C99C-4EC6-BB9B-A65F1B44E080\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bx30s:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65ED2968-A70C-4B8E-86D9-6918FA44B0A1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bx20n_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B51C420B-D959-4908-9D69-4738BD9C2735\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bx20n:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60D45C75-C063-4F19-9DFC-4C86F1843CD2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bx20uhd-n_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08FE748D-AA88-456B-8531-A3BC10A70076\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bx20uhd-n:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82C682B-7BBD-4A14-B5BA-6D5D38F30910\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bx20uhd_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8E2BBA3-0181-4A03-A2C1-CBEEBE309F7F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bx20uhd:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6092A09-81E4-4897-9E8D-4B877D5CF40C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:ba30-n_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4C7C66B-FB6D-48FE-A29F-D6A026000B77\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:ba30-n:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E52F8AE-84E5-4D27-90CE-F943CFB9F1BB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:ba20-n_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0903CE7-E93F-446F-8C24-8CB0CB5C6C4C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:ba20-n:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2330045-621C-4AF0-9E8F-352C0CC13935\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:ba12-n_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DBBD404B-71FC-48F0-BA47-C311320E784F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:ba12-n:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C2D7BA-9C63-46C8-8288-D888417B5498\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:hd17h-n_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6115A188-C0B7-45FF-9620-C7C0EA116B01\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:hd17h-n:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80234A2A-4009-4FF6-B446-2BC63D713A1B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bx20s-sh_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5524546-4232-45CB-B62A-21F594271161\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bx20s-sh:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD5855BD-509E-4869-9D76-CA481CC979C2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:hd17h_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D927EAED-3F52-41FA-8A24-4372CF4F291C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:hd17h:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CBAB8BC-33CD-4C0B-94DD-03E1835766E3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:bv30s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"625A3DB6-F58A-4EBD-8F8F-056C73C8AB39\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:bv30s:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A4629E-1803-43FA-8039-6FF91E93BFBD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:smtav:ba12s_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F7B8B81-1910-4CBD-BDD9-E7A1AE1D31E3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:smtav:ba12s:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C81C8B44-A73B-49DB-BFD7-C3B0ADA5745C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx90_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C60FF97-B3B9-4999-8B8B-206CFA156155\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx90:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DDFF0D5-31E8-4FC1-82C5-BEB717D989F3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx720l_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC721112-03C5-44B6-80A9-3AB59769FA32\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx720l:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E69A184-0FD0-43C9-9F77-2B7011969A27\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx752ag_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1F66C98-807B-4077-8157-88E09B1A3CEF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx752ag:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B19ACD8-CB3E-4D5A-B694-1F7AF29D6AC4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx752a_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F006B557-7A79-4041-9241-70C66E0BAA63\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx752a:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C96E26D-C473-4681-A4A1-6CC698BDD52E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx751ba_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"030BCB3D-25CB-4EEF-8B38-DCF4C021B028\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx751ba:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F2075B6-907C-4B16-898A-28F782074F6B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx630al_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"770E3253-6A2C-477D-B65D-CE765885056D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx630al:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE616997-0BC2-4D64-BD45-C06F11B1C771\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx61asl_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABCB16F2-B2E7-46FE-89A3-BB90667F7818\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx61asl:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C4DA3CE-74B5-4F3A-9799-3785B95075F2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx61basl_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B97EAEC-66A2-4680-BFBF-CBD68F82A2C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx61basl:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC41EBD6-A68B-4F6E-9E6C-D1EF923EF8D6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx60asl_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CC87018-A8AA-459B-8E66-3557E4FDBE25\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx60asl:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63465938-AA8D-418E-9D33-0813F814BFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx61al_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D52E02C-EFFC-4623-8C09-B3057DC6EA5B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx61al:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E2E5C26-5BFC-4916-A6DB-467AABF0F93E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx60al_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65C4CE23-603B-4A48-87AF-6B499CE55F57\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx60al:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04F093F0-D459-4435-A4C1-AC59429E6820\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx701ra_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20B1617C-2179-47D0-B86A-1AEDB18B5BB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx701ra:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10F922D8-3732-4A1F-AB9B-6A2BF3E23733\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx701ta_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65A4AD7D-D54A-4B83-8F11-B3B8B5C8D816\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx701ta:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F30C0B5D-777C-45E4-92BA-F57FF343434E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx800i2_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1EE9733-3A9D-4EC5-9AA2-F6470F103A27\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx800i2:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8798DAF2-1ADE-4C90-BE92-AB9524CC1E7D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:v61w_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5313367B-5C23-4AA9-8A8A-81D84D87DB54\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:v61w:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"965F183B-DE59-413B-B2F3-23A418365506\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:v63xl_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11A52DC6-112B-486B-ADB3-3A8ACC80F227\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:v63xl:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF9BC092-4D6D-436E-92AA-7AB3199B1F3A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:v60xl_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA0E60D7-B892-460F-8A0A-5F1A155D4A89\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:v60xl:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4F39081-366E-4C3D-B01B-A56408B770B4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx70uvs_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DAE5333-0648-45B8-BF79-C22BA01A07E7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx70uvs:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EFDC9C3-6E1F-46C6-86FA-1B1DBFF45918\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:vx71uvs_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AFCC13D-8A14-4C9B-A1AC-A23E4D32A46A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:vx71uvs:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30460A5C-6D10-4786-BAFF-B52F820D5190\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:valuehd:v71uvs_firmware:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10818FEF-34EA-49EF-A838-DDD47E8E5A07\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:valuehd:v71uvs:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE4EC13A-51CF-47AA-A239-5750E3F62A7A\"}]}]}],\"references\":[{\"url\":\"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.cve.org/CVERecord?id=CVE-2025-35451\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-35451\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-08T18:08:16.124259Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-08T18:08:26.210Z\"}}], \"cna\": {\"title\": \"Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-35451\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-08T17:57:46.995811Z\"}}}], \"affected\": [{\"vendor\": \"PTZOptics\", \"product\": \"PT12X-SE-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.1.43\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"9.1.43\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT12X-LINK-4K-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.0.63\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"0.0.63\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT20X-SE-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.1.32\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"9.1.32\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT20X-LINK-4K-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.0.89\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"0.0.89\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT-STUDIOPRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.0.41\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"9.0.41\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT30X-SE-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"9.1.33\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"9.1.33\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT30X-LINK-4K-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.0.71\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"2.0.71\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT12X-STUDIO-4K-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.1.90\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"8.1.90\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT20X-STUDIO-4K-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.1.90\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"8.1.90\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT12X-SDI/NDI-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.3.70\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.3.70\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT12X-USB-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.2.88\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.2.88\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT20X-SDI/NDI-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.3.27\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.3.27\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"SMTAV\", \"product\": \"Pan-Tilt-Zoom Cameras\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT30X-SDI/NDI-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.3.43\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.3.43\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"multiCAM Systems\", \"product\": \"Pan-Tilt-Zoom Cameras\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"VL Fixed Camera/NDI Fixed Camera\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"7.2.94\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"7.2.94\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"12x Fixed Camera/NDI Fixed Camera\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"7.2.85\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"7.2.85\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"20x Fixed Camera/NDI Fixed Camera\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"7.2.94\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"7.2.94\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"EPTZ Fixed Camera/NDI Fixed Camera\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.1.89\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"8.1.89\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"HC-EPTZ-NDI\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"8.2.14\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"8.2.14\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT12X-4K-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.0.58\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"0.0.58\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT20X-4K-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.0.85\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"0.0.85\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT20X-USB-xx\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"6.2.81\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.2.81\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"PTZOptics\", \"product\": \"PT30X-4K-xx-G3\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.0.64\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"2.0.64\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ValueHD\", \"product\": \"Pan-Tilt-Zoom Cameras\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2025-06-12T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.cisa.gov/news-events/ics-advisories/icsa-25-162-10\", \"name\": \"url\"}, {\"url\": \"https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2025/icsa-25-162-10.json\", \"name\": \"url\"}, {\"url\": \"https://www.cve.org/CVERecord?id=CVE-2025-35451\", \"name\": \"url\"}, {\"url\": \"https://www.labs.greynoise.io/grimoire/2024-10-31-sift-0-day-rce/\", \"name\": \"url\"}, {\"url\": \"https://www.greynoise.io/blog/greynoise-intelligence-discovers-zero-day-vulnerabilities-in-live-streaming-cameras-with-the-help-of-ai\", \"name\": \"url\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-798\", \"description\": \"CWE-798 Use of Hard-coded Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"9119a7d8-5eab-497f-8521-727c672e3725\", \"shortName\": \"cisa-cg\", \"dateUpdated\": \"2025-09-08T17:58:14.754Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-35451\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-08T18:08:29.882Z\", \"dateReserved\": \"2025-04-15T20:57:14.282Z\", \"assignerOrgId\": \"9119a7d8-5eab-497f-8521-727c672e3725\", \"datePublished\": \"2025-09-05T17:43:53.108Z\", \"assignerShortName\": \"cisa-cg\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…