🎯Basically, a flaw lets hackers access your camera without a password.
What Happened
A serious vulnerability has been discovered in the Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera. This flaw allows attackers to bypass authentication, granting them remote access to sensitive information and live video streams from the camera. The affected firmware version is V5.00.R02.000807D8.10010.346624.S.ONVIF_21.06.
The Flaw
The vulnerability, identified as CVE-2025-65856, stems from a missing authentication for critical functions within the camera's ONVIF implementation. This oversight enables unauthorized users to access 31 critical endpoints directly, compromising the device's security.
What's at Risk
If exploited, this vulnerability could lead to unauthorized access to live video feeds and sensitive data stored on the camera. This poses significant risks, especially in environments where these cameras are used for security and surveillance in commercial facilities.
Patch Status
As of now, Hangzhou Xiongmai Technology Co., Ltd has not provided a patch or mitigation strategy for this vulnerability. Users are encouraged to reach out to the company's customer support for further guidance.
Immediate Actions
CISA recommends several defensive measures to mitigate the risk of exploitation:
Containment
- 1.Minimize network exposure for all control system devices, ensuring they are not accessible from the internet.
- 2.Use firewalls to isolate control system networks from business networks.
Remediation
Conclusion
The discovery of this authentication bypass vulnerability highlights the importance of securing IoT devices, especially those used in critical infrastructure. Users of the affected XM530 IP cameras should take immediate steps to secure their devices and monitor for any unauthorized access.
🔒 Pro insight: The lack of authentication on critical endpoints is a common oversight in IoT devices, increasing the risk of widespread exploitation.
