CVE-2025-35451

CRITICAL | CVSS 9.3/10 | EPSS 0.72%

CVE-2025-35451 is a critical-severity vulnerability rated 9.3/10 on the CVSS scale. PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. EPSS estimates a 0.72% chance of exploitation in the next 30 days.

Description

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 4.0
9.3/10

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

EPSS Probability
0.72%

49.3th percentile

Probability of exploitation in the next 30 days.

Weakness Enumeration

Affected Software

Vendor | Product | Versions
Ptzoptics | Pt12x-Sdi-Xx-G2 Firmware | <= 6.3.34
Ptzoptics | Pt12x-Ndi-Xx Firmware | <= 6.3.34
Ptzoptics | Pt12x-Usb-Xx-G2 Firmware | <= 6.2.81
Ptzoptics | Pt20x-Sdi-Xx-G2 Firmware | <= 6.3.20
Ptzoptics | Pt20x-Ndi-Xx Firmware | <= 6.3.20
Ptzoptics | Pt20x-Usb-Xx-G2 Firmware | <= 6.2.73
Ptzoptics | Pt30x-Sdi-Xx-G2 Firmware | <= 6.3.30
Ptzoptics | Pt30x-Ndi-Xx Firmware | <= 6.3.30
Ptzoptics | Pt12x-Zcam Firmware | <= 7.2.76
Ptzoptics | Pt20x-Zcam Firmware | <= 7.2.82
Ptzoptics | Ptvl-Zcam Firmware | <= 7.2.79
Ptzoptics | Pteptz-Zcam-G2 Firmware | <= 8.1.81
Ptzoptics | Pteptz-Ndi-Zcam-G2 Firmware | <= 8.1.81
Ptzoptics | Vl Fixed Camera Firmware | <= 7.2.94
Ptzoptics | Ndi Fixed Camera Firmware | <= 7.2.94
Multicam-Systems | Mcamii Ptz Firmware | All versions
Smtav | Ba30s Firmware | All versions
Smtav | Ba20s Firmware | All versions
Smtav | Bv20s Firmware | All versions
Smtav | Bx30s Firmware | All versions
Smtav | Bx20n Firmware | All versions
Smtav | Bx20uhd-N Firmware | All versions
Smtav | Bx20uhd Firmware | All versions
Smtav | Ba30-N Firmware | All versions
Smtav | Ba20-N Firmware | All versions
Smtav | Ba12-N Firmware | All versions
Smtav | Hd17h-N Firmware | All versions
Smtav | Bx20s-Sh Firmware | All versions
Smtav | Hd17h Firmware | All versions
Smtav | Bv30s Firmware | All versions
Smtav | Ba12s Firmware | All versions
Valuehd | Vx90 Firmware | All versions
Valuehd | Vx720l Firmware | All versions
Valuehd | Vx752ag Firmware | All versions
Valuehd | Vx752a Firmware | All versions
Valuehd | Vx751ba Firmware | All versions
Valuehd | Vx630al Firmware | All versions
Valuehd | Vx61asl Firmware | All versions
Valuehd | Vx61basl Firmware | All versions
Valuehd | Vx60asl Firmware | All versions
Valuehd | Vx61al Firmware | All versions
Valuehd | Vx60al Firmware | All versions
Valuehd | Vx701ra Firmware | All versions
Valuehd | Vx701ta Firmware | All versions
Valuehd | Vx800i2 Firmware | All versions
Valuehd | V61w Firmware | All versions
Valuehd | V63xl Firmware | All versions
Valuehd | V60xl Firmware | All versions
Valuehd | Vx70uvs Firmware | All versions
Valuehd | Vx71uvs Firmware | All versions

Showing 50 of 51 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-35451?
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be disabled by the user.

How severe is CVE-2025-35451?
CVE-2025-35451 has a CVSS score of 9.3/10 (CRITICAL severity). The EPSS model estimates a 0.72% probability of exploitation in the next 30 days.

How do I fix CVE-2025-35451?
Check the vendor references and advisories linked above for patched versions and mitigation guidance.

Source: NVD / NIST